
Native Integration with ServiceNow

Updated over 2 months ago

Axur's platform offers a native integration with ServiceNow. This feature allows you to significantly improve operational efficiency, incident response capability, and visibility into your IT infrastructure.


What is ServiceNow?

ServiceNow is a third-party platform for IT Service Management (ITSM) that helps automate IT Business Management. For more information about ServiceNow, visit: ServiceNow.


Benefits of Implementation

By sending events to ServiceNow, you can gain numerous benefits for IT management and overall operational efficiency within your organization. The main benefits include:

  • Automation and Efficiency: Automate event response processes, reducing incident response time.

  • Improved Incident Management: Correlate events and identify root causes of issues, filter and prioritize relevant events, enabling your team to focus on critical matters.

  • Visibility and Monitoring: Gain a centralized and unified view of events and risks, with the ability to create custom dashboards and reports in ServiceNow.


How to Implement the Integration

To implement this integration, you must have a ServiceNow account and provide the following information to [email protected]:

  • Instance name, i.e., the string value in the URL: http://[instance-name].servicenow.com

  • The name of the table to which the integration should send information. We recommend using the "Incident" table, which is pre-configured in instances.


Information Sent to ServiceNow

Events are sent in JSON format, including:

  • Detected tickets (detection.opened)

  • Added attachments (attachment.added)

Detected Tickets

When sending a detection.opened event to ServiceNow, an object is created in the table specified by the client during integration setup. Each of these objects will have a sys_id. According to ServiceNow, the sys_id is “a unique 32-character GUID (Globally Unique ID), called a system ID (sys_id), identifying each record in an instance.”

Additionally, the following fields are sent:

  • state: This field indicates the ticket status. By default, it will always be 1, meaning the ticket is open.

  • correlation_display: The ticket_key, a unique identifier of the ticket in the Axur platform.

  • short_description: A brief line with the main information of the ticket. For example:

    • Digital Frauds - Fake profile on social network - {{Customer ID}} - {{Threat URL}} {{Ticket ID}}

  • description: A more detailed description of the ticket, in the following format:

    • Axur - one.axur.com

    • New threat detected {{Axur platform ticket URL}}

    • Ticket Key

    • Ticket Type

    • Threat URL

    • Detection Date
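A post-setup audit of the records this integration creates, given here as an added example (not Axur's or ServiceNow's code). The function names, the sample records, the 32-hexadecimal-character sys_id check and the assumption that the description labels appear verbatim are all illustrative.

```javascript
// Field names come from the article; everything else here is constructed.
const REQUIRED = ["sys_id", "state", "correlation_display", "short_description", "description"];
// Labels the article lists for the description body (verbatim presence is an assumption).
const DESCRIPTION_LABELS = ["Ticket Key", "Ticket Type", "Threat URL", "Detection Date"];

// Returns the problems found in one record; an empty list means it matches the article.
function checkRecord(record) {
  const problems = [];
  for (const field of REQUIRED) {
    if (record[field] == null || String(record[field]).trim() === "") problems.push(`missing ${field}`);
  }
  // Assumption: a sys_id is 32 hexadecimal characters.
  if (record.sys_id && !/^[0-9a-f]{32}$/i.test(record.sys_id)) problems.push("malformed sys_id");
  // The article says state is always 1 (open) when the record is created.
  if (record.state != null && String(record.state) !== "1") problems.push("unexpected state");
  for (const label of DESCRIPTION_LABELS) {
    if (record.description && !record.description.includes(label)) problems.push(`description lacks ${label}`);
  }
  return problems;
}

// Audits a batch and flags a ticket_key (correlation_display) that maps to more than one sys_id.
function auditRecords(records) {
  const sysIdByTicketKey = new Map();
  const report = [];
  for (const record of records) {
    const problems = checkRecord(record);
    const key = record.correlation_display;
    if (key) {
      const seen = sysIdByTicketKey.get(key);
      if (seen && seen !== record.sys_id) problems.push(`duplicate ticket_key ${key}`);
      else sysIdByTicketKey.set(key, record.sys_id);
    }
    if (problems.length > 0) report.push({ sys_id: record.sys_id || null, problems });
  }
  return report;
}

// Constructed sample records (placeholder keys, URLs and dates).
const BODY = "Axur - one.axur.com\nNew threat detected https://ticket-url.example\n" +
  "Ticket Key: TKT001\nTicket Type: example-type\nThreat URL: https://threat.example/profile\n";
const SHORT = "Digital Frauds - Fake profile on social network - CUST - https://threat.example/profile TKT001";
const SAMPLE = [
  { sys_id: "0123456789abcdef0123456789abcdef", state: "1", correlation_display: "TKT001",
    short_description: SHORT, description: BODY + "Detection Date: 2024-01-01" },
  { sys_id: "fedcba9876543210fedcba9876543210", state: "2", correlation_display: "TKT001",
    short_description: SHORT, description: BODY },
];
console.log(JSON.stringify(auditRecords(SAMPLE), null, 2));
```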

Added Attachments

When an attachment is added to a ticket, the integration sends this information to the existing sys_id of that ticket in ServiceNow. The attachment files are added to the ticket record with the corresponding sys_id, and an upload is performed.


FAQ

Are events sent in real-time?

Events consumed by the integration are emitted asynchronously, so there is no guarantee that they are processed immediately or close to the time they are generated. The integration with ServiceNow may also introduce additional latency, depending on the system's workload. Events therefore cannot be said to be sent exactly in real time, but delivery is expected to be as close as possible to the event time.

Are there other events I can choose to send to ServiceNow?

No, currently, the only available events are detection.opened and attachment.added. Including new events in the integration requires development on Axur's side. We always encourage customers to provide feedback on their needs. As you know, our features are constantly evolving, and this feedback is considered during roadmap planning.

Can I send events to the platform via ServiceNow?

This native integration we offer operates in a one-way direction: Platform > ServiceNow. However, some clients have made additional implementations to the integration using the platform's API. It is possible, as the platform's API is quite powerful. For this, reading the API's technical documentation (for developers) will be necessary.


If you have any questions, feel free to reach out at [email protected] 😊
