Integrating the ServiceNow alerting service into your Netreo monitoring workflow is fairly straightforward. Simply follow the steps below to create a new action group that can alert your ServiceNow account with a custom message of your choice. This action group may then be assigned to the alarm configuration of any monitoring monitoring check.
(Netreo recommends that you create a user in your ServiceNow account specifically for Netreo use.)
First, you’ll have to complete some steps in ServiceNow.
- Log into your account at the ServiceNow website.
- Make sure Incoming WebHook API Events is enabled for your account.
Now in Netreo.
- Go to the main menu and select Administration > Alerts > Actions to open the Actions Administration page.
- Select Add A Group.
- In the action group configuration dialog:
- In the GROUP NAME field enter a name for this action group (for example, “ServiceNowAlert”).
- No spaces are allowed in action group names.
- In the MANUAL ALERT ACCESS LEVEL field select a user access level for this group.
- This allows users with the selected access level and higher to manually run this action group from within an incident.
- Select Add Group.
- In the GROUP NAME field enter a name for this action group (for example, “ServiceNowAlert”).
- In the action configuration dialog:
- In the ACTION NAME field enter a name for this action (for example, “ServiceNow Action”).
- Spaces are allowed in action names.
- Select Add Action.
- In the ACTION NAME field enter a name for this action (for example, “ServiceNow Action”).
- In the method configuration dialog:
- In the ACTION METHOD TYPE field select Webhook from the pull-down menu.
- In the URL field enter:
<YOUR CUSTOMER NAME>.service-now.com/api/now/table/incident
- In the PAYLOAD field enter something similar to the code in the Payload Code section further down.
- You can customize the payload to provide values for ServiceNow using any desired Netreo incident macros.
- Select Add Method.
Now select this action group in the alarm configuration of a monitoring check. When that check fails and opens an incident, ServiceNow will be alerted according to the Netreo incident state change rules.
Payload Code
Payload Example
[header] { "Content-Type" : "application/json", "Authorization" : "Basic <YOUR BASE64 ENCODED SERVICENOW USERNAME:PASSWORD>" } [header] { "category" : "<YOUR CATEGORY>", "company" : "<YOUR COMPANY NAME> Netreo", "number" : "{INCIDENTID}", "priority" : "<YOUR PRIORITY>", "severity" : "<YOUR SEVERITY>", "short_description" : "{SUBJ}", "cmdb_ci" : "{HOSTNAME}", "u_alert_link" : "{INCIDENT_URL}", "description" : "{SUBJ}\n\nHost Name: {HOSTNAME}\nHost Address: {HOSTADDRESS}\nHost State: {HOSTSTATE}\nAlert: {ALERTDESC}\nThreshold Level: {THRESHOLD}\n\nIncidentID:{INCIDENTID}\nIncident State: {APPLICATIONSTATE}{SERVICESTATE}\n\n{OUTPUT}\n\nHost Note:{HOSTNOTE}\n" }
Recommended general settings are to set priority
to 3 and severity
to 2, but this will vary based on your specific response policies and implementation. If you want different alerts to go out with different priority/severity levels, you can create separate action groups to easily accomplish this.
