Incident creation for the BTP audit log parser

Plaese check the below scenarios only for the BTP_audit related alerts:

1. For the BTP audit logs, from the ELK events are able to send to splunk with all the mandatory fields. But the incident creation is not happening in splunk for the existing feeder.
2. Please add the Configuration Item value as "SAP Business Technology Platform (BTP) Service" for the BTP related alerts.

Request to please check the feeder and update us on the incident creation.