Introduction to the ServiceNow Events SyncPack

Download this manual as a PDF file 

This section describes the "ServiceNow Events" SyncPack, which is the ScienceLogic integration with the ServiceNow Events Module. This SyncPack provides a bi-directional sync of SL1 Events with ServiceNow Alerts, including event creation, acknowledgment, and resolution.

This SyncPack uses the "ScienceLogic SL1: Event Integration" certified application in ServiceNow and the latest "ServiceNow Base Pack" PowerPack in SL1.

Starting with version 1.1.0 of this SyncPack, you can use this SyncPack with or without a ServiceNow Management, Instrumentation, and Discovery (MID) Server. Do not use the "ServiceNow Events" SyncPack and the "ServiceNow Incident" SyncPack on the same PowerFlow system.

What Can I Do with this SyncPack?

The "ServiceNow Events" SyncPack is the ScienceLogic integration with the ServiceNow Events Module. This SyncPack provides a bi-directional sync of SL1 events with ServiceNow alerts, including event creation, acknowledgment, and resolution.

For this SyncPack, you can configure a run book action policy in SL1 to ensure that whenever SL1 detects a new, acknowledged, or cleared event, a corresponding event is created or updated in ServiceNow. These automations are included in the latest "ServiceNow Base Pack" PowerPack. For more information, see Enabling the Run Book Automation Policies in SL1.

Starting with version 1.1.0 of this SyncPack, you can use this SyncPack with or without a ServiceNow Management, Instrumentation, and Discovery (MID) Server.

The following diagram details the workflow and architecture for the bi-directional sync of SL1 Events with ServiceNow Alerts, including event creation, acknowledgment, and resolution:

Click the image to enlarge

This diagram is for environments that use a ServiceNow MID Server.

This SyncPack includes the following applications, which you can use to synchronize event information between SL1 to ServiceNow:

  • Create Event in ServiceNow from SL1 Event. Transforms SL1 event data into a ServiceNow event, and then posts that event to ServiceNow.
  • Process and Cache SL1 Events. The "ServiceNow: Add/Update/Clear Event" Run Book Action triggers this application whenever an SL1 event is created, updated, or cleared. This application processes the SL1 event and caches it to PowerFlow to allow for bulk processing for ServiceNow by the "Sync Cached SL1 Events to ServiceNow" application.
  • Sync Alert Details from ServiceNow to SL1 Events. Acknowledges or clears SL1 events from ServiceNow, updates the user note, and populates the alert number in the external ticket reference. This application also includes the user_note_template field that accepts a Jinja2 template to generate custom user notes. ScienceLogic suggests that you schedule this application to run every 60 seconds. Also, you need to run the "Cache SL1 Users" application before running this application.
  • Sync Cached SL1 Events to ServiceNow. Bulk processes all of the cached SL1 events and posts them to ServiceNow. Sends a "Sync Success" or "Sync Failed" status update to PowerFlow based on the result of the post. ScienceLogic suggests that you schedule this application to run every 60 seconds.
  • Update SL1 Event from ServiceNow Trigger. Updates or clears an SL1 Event based on a ServiceNow action.

For more information, see Configuring the PowerFlow Applications for Event Sync.

Contents of the SyncPack

This section lists the contents of the "ServiceNow Events" SyncPack.

PowerFlow Applications

The following applications are included with the "ServiceNow Events" SyncPack:

  • Create Event in ServiceNow from SL1 Event. Transforms SL1 event data into a ServiceNow event, and then posts that event to ServiceNow.
  • Process and Cache SL1 Events. The "ServiceNow: Add/Update/Clear Event" Run Book Action triggers this application whenever an SL1 event is created, updated, or cleared. This application processes the SL1 event and caches it to PowerFlow to allow for bulk processing for ServiceNow by the "Sync Cached SL1 Events to ServiceNow" application.
  • Sync Alert Details from ServiceNow to SL1 Events. Acknowledges or clears SL1 events from ServiceNow, updates the user note, and populates the alert number in the external ticket reference. This application also includes the user_note_template field that accepts a Jinja2 template to generate custom user notes. ScienceLogic suggests that you schedule this application to run every 60 seconds. Also, you need to run the "Cache SL1 Users" application before running this application.
  • Sync Cached SL1 Events to ServiceNow. Bulk processes all of the cached SL1 events and posts them to ServiceNow. Sends a "Sync Success" or "Sync Failed" status update to PowerFlow based on the result of the post. ScienceLogic suggests that you schedule this application to run every 60 seconds.
  • Update SL1 Event from ServiceNow Trigger. Updates or clears an SL1 Event based on a ServiceNow action.

For more information about configuring and running these applications, see Configuring the PowerFlow Applications for Event Sync.

Configuration Object

  • ServiceNow Events SyncPack. Version 1.1.0 and later of this SyncPack includes this example configuration object, which you can use to create an event-specific configuration object for your PowerFlow system.

Steps

  • Compare ServiceNow and SL1 Events
  • Convert ScienceLogic Event Data to SNOW Event
  • Process and Cache Event
  • Process and Post Event to ServiceNow
  • Process Event Trigger from ServiceNow
  • Pull and Process ServiceNow Alerts