Skip to main content

ServiceNow CMDB

You can configure ServiceNow CMDB tables to send to BigPanda for event enrichment.

ServiceNow CMDB data can add key relevant business information to event enrichment, ensuring that operators have all the data they need to triage and remediate incidents.

The BigPanda ServiceNow CMDB integration works by configuring a scheduled job in your ServiceNow instance which calls a Script Includes when executed, passing along your configuration details.

The Script Includes then collects all rows from the specified tables and views and sends them to the BigPanda ServiceNow CMDB integration endpoint.

The data is then processed and transformed into a BigPanda enrichment which is automatically uploaded to BigPanda and immediately starts enriching your incoming alerts with topology information from your ServiceNow CMDB.

Key Features

  • Enriches alerts in BigPanda with information from your ServiceNow CMDB.

  • Automatically detects enrichment schema from your ServiceNow data.

  • Automatically creates and manages Enrichments in BigPanda.

  • Easily send new tables or views from your ServiceNow CMDB to BigPanda.

  • Uses a native ServiceNow app to accelerate and simplify the setup process.

Install the Integration

Administrators can install the integration by following the steps in the Install the ServiceNow Integration instructions.

Update the BigPanda App

If you are currently using an older version of the BigPanda ServiceNow application, you can upgrade to the latest functionality by following the instructions in the Update the BigPanda ServiceNow App documentation.

Configure the Integration

  1. In the ServiceNow application, navigate to BigPanda > Configuration.

  2. In the General section, enter the appropriate keys provided in the BigPanda Console Integration instructions.

    Field

    Description

    Bearer Token

    Enter the BigPanda organization key.

    API Key

    Enter the BigPanda API key.

    Incidents App Key

    Enter the ServiceNow Incidents App Key. You can obtain it from the BigPanda ServiceNow Incidents integration module.

    Change API

    Enter the BigPanda Change API.

    Telemetry Enabled

    Select this checkbox to enable exporting logging data in the integration and to receive troubleshooting and diagnostic assistance with BigPanda.

    Telemetry Endpoint

    Provide a URL for the telemetry option.

  3. Configure the CMDB section.

    Parameter

    Description

    Example

    Active

    Select this checkbox to enable CMDB configuration.

    Table Name

    Name of the table or view to export.

    Table Key

    The key column. Make sure this column is indexed.

    Exported Columns

    A comma-delimited list of all columns to export. Do not include the key column in this list.

    Exported Override Columns

    A comma-delimited list of any columns that should replace values from an alert’s payload with the values defined in the CMDB table

    See Override Columns section below

    BigPanda Map Name

    A custom name for the CMDB export within BigPanda.

    Query Filter

    A query to filter out specific records.

    Column Mapping

    Choose specific ServiceNow Columns to rename when mapping within BigPanda.

    servicenow_column: new_name

    hostnames: hosts

    Aggregate Map

    Creates a one:many relationship leveraging the key column as the aggregate.

    See Aggregate Map section below

    Add New Button

    If you need to add an additional configuration row, click this button.

    Endpoint

    The endpoint to send exported tables and/or views.

    EU users may need to add an additional prefix

    Page Size

    The number of records to send per page.

    Max Pages

    The max number of pages to send per export.

    Max Retries

    The number of retries to attempt in the event that an export fails.

    Retry Interval

    The number of seconds to wait between a previously failed export and a new export request.

Exporting Frequency

It can take a while for the CMDB process to run, particularly for large tables or views.

Please ensure you're not sending the data too frequently, we suggest limiting it to a couple of times per day.

Aggregate Map

Like a GROUP BY in SQL, this toggle should be used whenever the values in the Table Key column contain multiple rows in other fields. Rather than only pulling in a single item, all possible values will be brought in via enrichment. This is a useful field when adding CI Relationship tables or other complex topology data to BigPanda.

For example:

The following SNOW relationship table:

parent [query key]

type [result tag]

child [result tag]

host_a

Runs::Runs on

app_a

host_a

server_of

app_b

hypervisor_a

server_of

host_a

hypervisor_a

Runs::Runs on

host_b

Will be aggregated in the BigPanda enrichment map into:

parent [query key]

type [result tag]

child [result tag]

host_a

[Runs::Runs on, server_of]

[app_a, app_b]

hypervisor_a

[server_of, Runs::Runs on]

[host_a, host_b]

A single array of result tags can only support 15 items

Exported Override Columns

Exported Override Columns determine whether a non-key column (result_tag) will replace values from an alert’s payload when it is also defined in the CMDB table.

For instance, if we take the above example and send an alert that includes parent=”host_a” and child=”app_a”, if “child” is an override column, the “child” tag’s value in BigPanda will be app_a, app_b instead of just app_a after being enriched by this CMDB table.

In this section: