ServiceNow Integration with Orchestrator
This guide describes the process to integrate ServiceNow with Orchestrator, which allows you to record Orchestrator alarms as ServiceNow incidents. The ServiceNow integration process is completed in four steps:
Step 1: Register to ServiceNow and Create a Service Instance
Before you begin, ensure that you have a valid ServiceNow account. If you do not have a ServiceNow instance, create an instance before you proceed with the steps described in the following sections.
For more information on creating a ServiceNow instance, see the ServiceNow product documentation.
Step 2: Create a Scripted REST API to Obtain Endpoint URL
Complete the following steps to create a Scripted REST API on ServiceNow.
-
Log in to your ServiceNow account at ServiceNow.
-
Click All and enter “Scripted REST APIs” in the filter.
-
Click Scripted REST APIs.
-
Click New, enter Name and API ID, and click Submit.
-
Search for the new API using Name.
-
In the search results, click the API name.
Your scripted REST API endpoint URL is:
https://<your_instance_id>.service-now.com<base_API_path>
-
Scroll to the bottom of the page, click Resources, then click New, enter Name, and select POST as the HTTP method.
-
Copy and paste the following code snippet into the Script section and clear the Require Authentication check box. ServiceNow supports ACL authentication, but this guide uses HTTP header token.
(function process( /*RESTAPIRequest*/ request, /*RESTAPIResponse*/ response) { /* update your own security token here */ var token = <security_token_value>; /* update the custom header name configured on orchestrator API will try get the security token from this http header and do authentication Orchestrator should have this configured in the HTTPS receiver Header value */ var accessToken = request.getHeader(<security_header_name>); // var low_severities = ["MINOR", "WARNING"]; var event = JSON.parse(request.body.dataString); var inc = new GlideRecord('incident'); //authentication here, if token does not match, return 401 error if(token !== accessToken){ response.setStatus(401); response.setBody({ status: "Authentication failed" }); } else { inc.initialize(); //build short_description and description from POST data inc.short_description = "ALARM - " + event.msgId + " - source: " + event.data.source; inc.description = "From: " + event.hostname + "\n" + "seqId: " + event.sequenceId + "\n" + "raisedTime: " + event.data.raisedTime + "\n" + "message: " + event.data.description + "\n" + "content: " + JSON.stringify(event); inc.state = event.severity == "CLEARED" ? "Closed" : "New"; /* Orchestrator alarm has severities: ["CRITICAL", "MAJOR", "MINOR","WARNING"] impact and urgency mapping "CRITICAL" -> impact 1, urgency 1 "MAJOR" -> impact 2, urgency 2 "MINOR","WARNING" -> impact 3, urgency 3 */ if (low_severities.includes(event.severity)) { inc.impact = 3; inc.urgency = 3; } else if (event.severity == "MAJOR") { inc.impact = 2; inc.urgency = 2; } else if (event.severity == "CRITICAL") { inc.impact = 1; inc.urgency = 1; } inc.insert(); response.setStatus(200); response.setBody({ status: "success" }); } })(request, response);
-
After copying the code snippet, replace “security_token_value” with your own security token and “security_header_name” with the custom header name configured on your Orchestrator instance.
-
Click Submit.
The data you entered for the new API is shown in the resources tab.
Step 3: Add an HTTPS Remote Log Receiver in Orchestrator
-
Navigate to Support > Technical Assistance > Remote Log Receiver.
-
Click Add Receiver and then click HTTPS.
The HTTPS Receiver Settings dialog box opens.
-
Enter a name for the receiver.
-
From the Log Type menu select Alarm.
-
In the URL field, enter your ServiceNow scripted REST API URL.
-
Enter Header Name and Header Value, and make sure the values you enter match the values from the ServiceNow REST resource script.
-
Click Save.
Orchestrator should start sending alarm incidents to your ServiceNow endpoint.
Step 4: Verify Alarms on ServiceNow
-
In your ServiceNow instance, navigate to Service Desk > Incidents.
-
To see the details for an incident, click the Incident Number.
If you need any further assistance, contact your Aruba Support representative.