VictorOps API (Splunk On-Call)

VictorOps (now Splunk On-Call) REST API — incident alerting, on-call scheduling, and escalation management platform enabling agents to trigger alerts, manage incidents, query on-call schedules, and integrate with monitoring systems.

Evaluated Mar 06, 2026 (0d ago) vcurrent

Homepage ↗ Developer Tools victorops splunk-on-call incident-management on-call pagerduty-alternative alerting

⚙ Agent Friendliness

/ 100

Can an agent use this?

🔒 Security

/ 100

Is it safe for agents?

⚡ Reliability

/ 100

Does it work consistently?

Score Breakdown

⚙ Agent Friendliness

MCP Quality

Documentation

Error Messages

Auth Simplicity

Rate Limits

🔒 Security

TLS Enforcement

100

Auth Strength

Scope Granularity

Dep. Hygiene

Secret Handling

SOC2 Type II. GDPR compliant. Dual auth system (ingestion key + REST API headers) adds complexity. No scope granularity on API keys. US data processing. Backed by Splunk enterprise security posture.

⚡ Reliability

Uptime/SLA

Version Stability

Breaking Changes

Error Recovery

Best When

Your organization already uses Splunk observability and wants on-call management tightly integrated within the Splunk ecosystem.

Avoid When

You're choosing an incident management platform fresh — PagerDuty or Opsgenie have more active development and broader integrations.

Use Cases

• Agents triggering VictorOps alerts when monitoring systems detect anomalies requiring human on-call intervention
• Incident enrichment — agents automatically adding context (runbooks, related metrics, recent deployments) to VictorOps incidents
• On-call rotation queries — agents checking current on-call personnel before sending notifications through correct channels
• Incident timeline management — agents acknowledging and resolving incidents programmatically as automated remediation completes
• Escalation policy automation — agents managing VictorOps escalation paths for different alert severity levels

Not For

• New incident management deployments — PagerDuty has more active development; Splunk On-Call investment has slowed post-acquisition
• Teams not on Splunk ecosystem — PagerDuty or Opsgenie are better standalone incident management options
• Complex incident workflows — PagerDuty's Workflow Automation has more sophisticated orchestration capabilities

Interface

REST API

Yes

GraphQL

gRPC

MCP Server

SDK

Webhooks

Yes

OpenAPI Spec ↗

Authentication

Methods: api_key

OAuth: No Scopes: No

API ID and API Key pair from VictorOps settings. Both required in request headers (X-VO-Api-Id and X-VO-Api-Key). Account-level access with no scope granularity. Ingestion endpoint uses separate URL-based auth key.

Pricing

Model: subscription

Free tier: No

Requires CC: No

Now sold through Splunk as Splunk On-Call. Pricing has changed post-acquisition. Free tier with limited users available. Enterprise pricing through Splunk sales process.

Agent Metadata

Pagination

offset

Idempotent

Partial

Retry Guidance

Not documented

Known Gotchas

⚠ Alert ingestion endpoint uses different auth (URL-embedded key) than REST API (header-based) — two auth systems to manage
⚠ Incident correlation via entity_id and entity_display_name — agents must use consistent entity IDs to correlate related alerts
⚠ REST API rate limit (60 req/min) is low for high-frequency monitoring integrations — implement aggressive caching
⚠ Product name changed from VictorOps to Splunk On-Call — documentation and endpoints may reference either name
⚠ Development pace has slowed post-Splunk acquisition — newer features primarily in PagerDuty or Opsgenie

Alternatives

pagerduty-api opsgenie-api grafana-oncall-api betterstack-api

Full Evaluation Report

Detailed scoring breakdown, competitive positioning, security analysis, and improvement recommendations for VictorOps API (Splunk On-Call).

$99

API endpoint ↗ Agent guide ↗ Report inaccuracy

Scores are editorial opinions as of 2026-03-06.