ImportantThis feature is currently in private beta. Reach out to your customer success team if you're interested in trying it out for your organization.
You can use the VMware Aria Automation for Secure Clouds ServiceNow integration to automatically create incidents from security findings in your ServiceNow server, where they can be tracked and resolved according to your existing incident workflow.
NoteThe ServiceNow integration remains in active development, and supports only the creation of incidents from findings.
To use this integration you must have an existing ServiceNow instance that can connect to VMware Aria Automation for Secure Clouds through basic authentication with a user name and password configured on the instance.
The best practice is to create a dedicated user to receive inbound API requests from the integration as described by the ServiceNow documentation.
The integration sends three request types to the ServiceNow Table API to add and update incidents:
The ServiceNow user must have the itil role from the base system roles to receive these API requests. Review the ServiceNow role documentation for directions to assign a role to a user.
Once you have a user set up on your ServiceNow instance with the appropriate permissions you can create the integration in VMware Aria Automation for Secure Clouds.
Log in to VMware Aria Automation for Secure Clouds.
Navigate to Settings > Integrations.
Locate ServiceNow from the integration list, then select Add New.
Enter the following required values:
https://dev136802.service-now.com/
, the instance name would be "dev136802".Select Next.
Select the Context at which others are able to view and edit this integration. If you're already creating this integration from the context of a specific project, it's set automatically.
Click Test to verify a working connection, then click Save.
If you're unable to test a successful connection to ServiceNow, ensure you've assigned your user the itil role before seeking assistance.
After you've set up the integration, you must create a ServiceNow alert to begin creating incidents from findings.
The Fields Template field holds a JSON-formatted object that is used to populate fields in any incidents upon creation in ServiceNow.
As an example, the Impact and Urgency fields are pre-defined by default when you set up an integration.
{
"impact": "2",
"urgency": "2"
}
On a successful test, you can view the incident created in your ServiceNow instance and see the values carried over to the appropriate fields.
You can customize the incident template for your integration by changing, removing, or adding more fields from your organizations incident template. Options to override a pre-defined field and add known variables as documented for Jira Cloud are also supported for ServiceNow.