Learn about the ServiceNow Integration.

ServiceNow Incident Integration

ServiceNow is a popular IT services management platform. You can create Operations for Applications alert targets that surface alerts as ServiceNow incidents of different priorities (High, Moderate, Low, Planning). Incidents can also optionally be assigned to groups or categorized.

ServiceNow Setup

Step 1. Create an Operations for Applications alert user in ServiceNow

Operations for Applications will use the ServiceNow user to create incidents. The user will be identified as the caller for each incident. This user will be used by Operations for Applications to create incidents in ServiceNow and will also be identified as the Caller for each incident.

  1. In ServiceNow, navigate to System Security > Users & Groups > Users and click New.
  2. Specify a User ID (for example appMonitor) and a First Name (for example Operations for Applications Alerts).
  3. Make sure that you leave the Password needs reset check box deselected.
  4. Select the Internal Integration User check box.
  5. Click Submit. The new user is created.

Step 2. Generate password for the Operations for Applications alert user

  1. In ServiceNow, navigate to System Security > Users & Groups > Users.
  2. Search for the user created in Step 1 and click the user.
  3. On the user page, click Set Password.
  4. In the Set Password window, click the Generate button.
  5. Click Copy to copy the password.
  6. Click the Save Password button and close the Set Password window.

Step 3. Copy and save the new user’s sys_id

Copy and save the user’s sys_id so you can make the user the caller for incidents that are created.

  1. In ServiceNow, navigate to System Security > Users & Groups > Users.
  2. Search for the user created in Step 1.
  3. Right-click the User ID and select Copy sys_id.
  4. Paste the sys_id into a text file or scratch pad. images/servicenow_copy_user_sys_id.png

Step 4. Generate and save a basic authorization string

The ServiceNow API uses Basic Authorization, a Base64 encoded string, for the user and password. You will use this string in the Authorization header for the API call that creates incidents in ServiceNow. There are several ways to generate this string, this guide uses a public website.

  1. Navigate to https://www.base64encode.org.
  2. Type in the user and password created in Step 1 in this format: user:password.
  3. Click the Encode button.
  4. Copy the resulting Base64 encoded string.
  5. Paste the Base64 encoded string into a text file or scratch pad to save it for later. images/base64_encode.png

Step 5. Create a ServiceNow Alert Target

  1. In Operations for Applications, create an Alert Target.
  2. Give the Alert Target a meaningful name and description.
  3. As Triggers, select the Alert Firing, Alert Status Updated, and Alert Has No Data options.
  4. Set Type to Webhook.
  5. Set the URL field to https://YOUR_INSTANCE.service-now.com/api/now/table/incident replacing YOUR_INSTANCE with the name of your instance in ServiceNow.
  6. Set Content Type to application/json.
  7. Create a new Custom Header with the name Authorization and the value Basic <TOKEN>, where is the Base64 token that you copied and saved in Step 3.
  8. Copy and paste the following into the Body Template of the alert target. 
     {{! https://docs.wavefront.com/alert_target_customizing.html }}
 {
   "short_description":"{{#jsonEscape}}{{{name}}}{{/jsonEscape}}",
   "description":"Series: {{#trimTrailingComma}}{{#jsonEscape}}{{#newlyFailingSeries}}{{{.}}}, {{/newlyFailingSeries}}{{/jsonEscape}}{{/trimTrailingComma}}\nSources: {{#trimTrailingComma}}{{#jsonEscape}}{{#newlyFailingHosts}}{{{.}}}, {{/newlyFailingHosts}}{{/jsonEscape}}{{/trimTrailingComma}}\n\n{{{url}}}\n\n{{#jsonEscape}}{{{additionalInformation}}}{{/jsonEscape}}",
   "state":"1",
   "impact":"{{#severityInfo}}3{{/severityInfo}}{{#severitySmoke}}3{{/severitySmoke}}{{#severityWarn}}2{{/severityWarn}}{{#severitySevere}}2{{/severitySevere}}",
   "urgency":"{{#severityInfo}}3{{/severityInfo}}{{#severitySmoke}}2{{/severitySmoke}}{{#severityWarn}}2{{/severityWarn}}{{#severitySevere}}1{{/severitySevere}}",

   {{! caller_id is the reference to any Security User in ServiceNow that will be used as the Caller for the incident record }}
   "caller_id":"",

   {{! The following parameters are popular optional fields used in ServiceNow }}
   {{! assignment_group is the reference to any Security group in ServiceNow }}
   "assignment_group":"",
   {{! category is any valid cateogry string that can be used for incidents }}
   "category":""
 }

    Note: The assignment_group and category parameters are optional in the template.

  9. In the Body Template, find the caller_id property and set its value to the sys_id that you copied in Step 2.

  10. Customize other aspects of the template as desired. images/servicenow_alert_target.png

  11. Click Save

Step 6. Add the ServiceNow alert target to an Operations for Applications alert

  1. In Operations for Applications, open the Alerts browser.
  2. If you have an alert, locate the alert and click the alert name to open the alert in edit mode. Otherwise, create an alert. For help, see Create and Manage Alerts.

  3. Scroll down to the Recipients field.

  4. Enter the alert target ID into the Alert Target field and select the alert target from the drop-down list to add the list of targets.
  5. Click Save.
integrations list