ServiceNow
Visualize ServiceNow resources and monitor them through queries and alerts.
- Installation guide
- ServiceNow data model
Installation
In order to allow JupiterOne to fetch data from your ServiceNow account, we recommend creating a new ServiceNow role with read-only access to your account and assigning that read-only role to a dedicated ServiceNow user.
Configuration in ServiceNow
Follow the ServiceNow documentation to create a new ServiceNow role called
jupiterone_reader.For each of the ServiceNow tables used in the JupiterOne <-> ServiceNow integration, create a new access control rule (ACL) to allow access to the
jupiterone_readerrole withType: Record,Operation: Read, andRole: jupiterone_reader. This should be enabled for the following tables (found in theNamefield):sys_usersys_user_groupsys_user_grmemberincidentsys_db_object
Create a new ServiceNow User called
JupiterOne. Make a note of the new username/password; you'll need it when configuring your integration in JupiterOne.Open the
JupiterOneuser and assign thejupiterone_readerrole to your newly created user. Note: if ingesting any part of the cmdb, also add thecmdb_readerrole. See this link for more information.(OPTIONAL) For JupiterOne users who wish to create ServiceNow incidents based on JupiterOne alert rules, we suggest creating a
jupiterone_incident_creatorrole. Repeat steps 1, 2, and 4 above with the following parameters:1. ServiceNow Role:
name: jupiterone_incident_creator2. Access Control Rule (ACL) :
Type: Record,Operation: Create,Name(table): incident,Name(fields): *,Role: jupiterone_incident_creator4. Role Assignment: Assign
jupiterone_incident_creatorrole toJupiterOneuser
Configuration in JupiterOne
To install the ServiceNow integration in JupiterOne, navigate to the Integrations tab in JupiterOne and select ServiceNow. Click New Instance to begin configuring your integration.
Creating a configuration requires the following:
The Account Name used to identify the ServiceNow account in JupiterOne. Ingested entities will have this value stored in
tag.AccountNamewhen theAccountNametoggle is enabled.Description to assist in identifying the integration instance, if desired.
Polling Interval that you feel is sufficient for your monitoring needs. You may leave this as
DISABLEDand manually execute the integration.Your ServiceNow Hostname (e.g.,
j1.service-now.com), Username, and Password.
Click Create once all values are provided to finalize the integration.
Next steps
Now that your integration instance has been configured, it will begin running on the polling interval you provided, populating data within JupiterOne. Continue on to our Instance management guide to learn more about working with and editing integration instances.
Data Model
Entities
The following entities are created:
| Resources | Entity _type | Entity _class |
|---|---|---|
| Account | service_now_account | Account |
| CMDB Object | service_now_cmdb_object | Configuration |
| Incident | service_now_incident | Incident |
| User | service_now_user | User |
| User Group | service_now_group | UserGroup |
Relationships
The following relationships are created:
Source Entity _type | Relationship _class | Target Entity _type |
|---|---|---|
service_now_account | HAS | service_now_group |
service_now_account | HAS | service_now_user |
service_now_cmdb_object | ASSIGNED | service_now_user |
service_now_group | HAS | service_now_group |
service_now_group | HAS | service_now_user |
service_now_group | MANAGES | service_now_cmdb_object |
service_now_incident | ASSIGNED | service_now_user |
service_now_user | MANAGES | service_now_cmdb_object |
service_now_user | OWNS | service_now_cmdb_object |