ServiceNow Incidents

Automatically create ServiceNow incidents from incidents in BigPanda.

The ServiceNow integration enables you to synchronize ServiceNow incidents with corresponding incidents in BigPanda. Incidents are kept up to date in both platforms, allowing you to continue working in ServiceNow while benefitting from BigPanda’s tools.

Supported Versions

| **BigPanda Integration Version** | **ServiceNow Versions** | **Authentication Type** |
| :-------- | :-------- | :-------- |
| v2.8+ | Xanadu, Washington, Vancouver, Utah, Tokyo, San Diego, Rome, Quebec, Paris, Orlando, New York, Madrid, London, Kingston, Jakarta, Istanbul | API Key and Bearer Token |
| v2.3-2.7 | Washington, Vancouver, Utah, Tokyo, San Diego, Rome, Quebec, Paris, Orlando, New York, Madrid, London, Kingston, Jakarta, Istanbul | API Key and Bearer Token |
| <v2.3 | Quebec, Paris, Orlando, New York, Madrid, London, Kingston, Jakarta, Istanbul | API Key and Bearer Token |

Key Features

  • Bidirectional updates: Changes in either BigPanda or ServiceNow are synchronized to the other platform. By default, information is updated every 15 seconds, reducing synchronization latency to less than 5 minutes. As a result, you have an up-to-date view of incidents in near real time.
  • Incident resolution and reopening capabilities: You can configure settings so that when an incident is resolved in BigPanda, the corresponding incident is resolved in ServiceNow, and vice versa. Additionally, you can configure whether a reopened BigPanda incident reopens the corresponding ServiceNow incident or creates a new one.
  • Customization options: Customize the transformation of shared data, and implement custom logic within the ServiceNow workflow. See a full list of optional logic and updating fields in the ServiceNow Incidents - Advanced Customization documentation.
  • Retry logic: If a request to the ServiceNow API fails, BigPanda will retry up to 6 times with 15 minutes in between each attempt. After 5 attempts, the request is added to the DLQ. If the 6th attempt fails, BigPanda support will be notified.
  • 📘

    Note

    The ServiceNow integration follows standard AutoShare rules for outbound shares.

    Bi-directional sync is time based, and is in addition to the outbound sharing updates.

    See Managing Incident Sharing for more information.

Install the BigPanda ServiceNow Integration

To install any of the integration modules, follow the Install the ServiceNow Integration instructions, then configure the module settings.

Update the BigPanda ServiceNow Application

The latest BigPanda ServiceNow integration includes support for recent ServiceNow versions and additional functionality. Upgrading your integration allows you to take advantage of the latest functionality.

Updating the BigPanda ServiceNow app may involve different steps depending upon the version that you are currently running. See the Update the BigPanda ServiceNow App documentation for detailed instructions.

Configure the Integration in BigPanda

  1. Create a new ServiceNow integration in BigPanda and give it a name.
  2. Follow the instructions to create a BigPanda ServiceNow User.
  3. In BigPanda, under the Configure Integration Webhook section, add the headers below.
  4. Click Configure Webhook.

Required Headers

| **Key** | **Value** |
| :-------- | :-------- |
| x-bp-config-servicenowUrl | Your ServiceNow dashboard URL, e.g. https://bigpanda.service-now.com |
| x-bp-api-key | An authorized User API Key |
| x-bp-config-servicenowUsername | Username of the BigPanda account created in ServiceNow, e.g. bigpanda |
| x-bp-config-servicenowPassword | Password of the BigPanda account created in ServiceNow |

Configure the Integration in ServiceNow

Application Architecture

BigPanda ServiceNow Application Architecture (Incident module)

Disable Polling Script

  1. In ServiceNow from the left sidebar navigate to BigPanda > Changes > Retrieve Incidents Scheduled Job.
  2. Uncheck the Active box.
  3. Click Update to save your settings.

Configure the Incidents Module

  1. In the ServiceNow application, navigate to BigPanda>Configuration.

  2. In the General section, enter the appropriate keys provided in the BigPanda Console Integration instructions.

    | **Field** | **Description** |
    | :-------- | :-------- |
    | Bearer Token | Enter the BigPanda organization key here. |
    | API Key | Enter the BigPanda API key here. |
    | Incidents App Key | Enter the ServiceNow Incidents App Key here. You can obtain it from the BigPanda ServiceNow Incidents integration module. |
    | Change APP Key | Enter the app key for the BigPanda Outbound ServiceNow Change integration |
    | Telemetry Enabled | Select this checkbox to enable exporting logging data in the integration and to receive troubleshooting and diagnostic assistance by BigPanda. |
    | Telemetry Endpoint | Provide a URL for the telemetry option. |

  3. Configure the Incidents section.

    Incidents settings

    | **Parameter** | **Description** |
    | :-------- | :-------- | 
    | Active | Select this checkbox to enable configuring the integration settings. |
    | Assignment Group | A group to which BigPanda assigns new ServiceNow incidents. For example, define “DevOps” as the assignment group. |
    | Caller ID Email | A default email associated with a ServiceNow user calling in the incident. BigPanda searches for the caller’s details and populates the Caller ID field. |
    | Opened By Email | A default email associated with a ServiceNow user who created the incident.<br>BigPanda searches for the user's details and populates the Opened By field. |
    | CMDB CI Field | Provide an alert tag representing the physical server of your system, such as host, hostID, hostname. BigPanda searches for this tag in the payload and defines it as your configuration item.<br>For example, if you define the CMDB CI field as “host” then every time a new BigPanda incident is created, BigPanda searches for the host tag and populates this value in the configuration item field. |
    | Resolved By Email | The email address of the ServiceNow user that resolved the incident. |
    | Primary Alert | A single alert can be defined as the Primary Alert of the BigPanda incident. Provide a list of criteria for the alert you wish to be defined as the Primary Alert. BigPanda searches all alerts according to these values, in an order of preference from left to right, to find the Primary Alert.<br>For example, the following default values: `“status=critical, startedOn”` classifies the Primary Alert as being the oldest alert having a critical status.<br>By default, values are sorted in ascending order, specifying the oldest alerts. If you want the Primary Alert to be the newest alert negate the field name to: `“-startedOn”`.<br>Equality sorting criteria may use wildcards (`*`) when searching for matching values.<br>Alerts are sorted in an order of listed elements. The values: `“Status=critical, status=warning, startedOn”` places all critical status alerts first followed by warning status. |
    | Priority in Short Description | Include the BigPanda priority Incident Tag in a ServiceNow ticket's Short Description |
    | AIA in Short Description | Include the AI-generated Incident Analysis Summary in a ServiceNow ticket's Description |
    | Description Incident Tags | A comma-separated list of BigPanda Incident Tags to include in a ServiceNow ticket's Description |
    | Description Alert Tags | A comma-separated list of BigPanda Alert Tags to include in a ServiceNow ticket's Description |
    | Max alerts in Description | The total number of alerts that can be included in a single ServiceNow ticket's Description |
    | Add BigPanda links to description | Include links to the BigPanda Incident, Preview, and Timeline in a ServiceNow ticket's Description |
    | Add description to work notes | Add BigPanda's standard incident Description in the Work Notes for an incident to allow for other logic in Description |
    | Show UI Action Button to Incident in BP | Add a button in ServiceNow Incident with an anchored link to BigPanda Incident |
    | Show UI Action Button to Incident Timeline in BP | Add a button in ServiceNow Incident with an anchored link to BigPanda Incident Timeline |
    | Resolve ServiceNow Incident | Select this checkbox to automatically resolve ServiceNow incident when a corresponding incident is resolved in BigPanda. |
    | Flapping • Block Resolve | Select this checkbox to block resolution of incidents on ServiceNow if the BigPanda incident is marked as flapping. |
    | Resolve BigPanda Incident | Select this checkbox to automatically resolve the corresponding BigPanda incident when a ServiceNow incident is resolved. |
    | Send Closure Code | Select this checkbox if you want to send closure information about a resolved ServiceNow incident as a comment in the BigPanda incident. |
    | Re-open Resolved | Select this checkbox to enable a ServiceNow incident to be reopened when a BigPanda incident is reopened. Disable if you want to create a new ServiceNow incident when a BigPanda incident is reopened. |
    | Re-open Window | If you enabled the Re-open Resolved field, you can set the timeframe during which the ServiceNow incident can be reopened. Default time window is 30 minutes. |
    | Update Fields | Provide a list of all ServiceNow fields you want to be updated when a ServiceNow incident is created in BigPanda. For example, list the description field as an update field in ServiceNow in order to see the description information provided by BigPanda. |
    | Retrieval Count | The number of BigPanda incidents you want to retrieve at once can be adjusted. Default Retrieval Count is 20. |
    | Retrieval Endpoint | Provide a URL where ServiceNow can retrieve BigPanda incidents. |
    | Callback Endpoint | Provide a URL where ServiceNow can respond to a corresponding BigPanda incident. |
    | Incident Tag Mapping | A table of BigPanda Incident Tags and ServiceNow Incident fields to sync.<br>In the BigPanda Incident Tag field, enter the name of the BigPanda incident tag, matching the case exactly. If you enter an incident tag name that does not match an existing tag in BigPanda, a new tag will be automatically created. Only Text type incident tags are supported.<br>In the ServiceNow Incident Field, enter the ServiceNow Incident field that the BigPanda incident tag should map to.<br>The Sync Direction can be BP to SNOW, vice versa, or bi-directional. |

For a complete list of available fields, see ServiceNow Advanced Customization.
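
The Primary Alert criteria described in the table above can be checked offline before you commit a value. The following is an added example, not BigPanda's code: the function names and sample alerts are hypothetical, and it assumes that alerts matching none of the equality criteria rank last and that `startedOn` is a numeric timestamp.

```javascript
// Added illustration, not BigPanda's code. Field lookup is case-insensitive (assumption).
const get = (alert, field) => {
  const key = Object.keys(alert).find((k) => k.toLowerCase() === field.toLowerCase());
  return key === undefined ? undefined : alert[key];
};

// Split "status=critical, -startedOn" into equality matchers and sort keys.
function parseCriteria(spec) {
  return spec.split(",").map((s) => s.trim()).filter(Boolean).map((term) => {
    const eq = term.indexOf("=");
    if (eq === -1) {
      const desc = term.startsWith("-"); // "-field" means newest first
      return { kind: "sort", field: desc ? term.slice(1) : term, desc };
    }
    // Escape regex metacharacters, then let "*" match any run of characters.
    const pattern = term.slice(eq + 1).trim()
      .replace(/[.*+?^${}()|[\]\\]/g, "\\$&").replace(/\\\*/g, ".*");
    return { kind: "match", field: term.slice(0, eq).trim(),
             re: new RegExp("^" + pattern + "$", "i") };
  });
}

function pickPrimaryAlert(alerts, spec) {
  const criteria = parseCriteria(spec);
  const matchers = criteria.filter((c) => c.kind === "match");
  const sorters = criteria.filter((c) => c.kind === "sort");
  // Earlier equality criteria win; alerts matching none rank last (assumption).
  const rank = (a) => {
    const i = matchers.findIndex((m) => m.re.test(String(get(a, m.field) ?? "")));
    return i === -1 ? matchers.length : i;
  };
  const ordered = [...alerts].sort((a, b) => {
    if (rank(a) !== rank(b)) return rank(a) - rank(b);
    for (const s of sorters) {
      const diff = Number(get(a, s.field)) - Number(get(b, s.field));
      if (diff) return s.desc ? -diff : diff; // ascending unless negated
    }
    return 0;
  });
  return ordered[0] ?? null;
}

// Constructed sample alerts; startedOn is assumed to be epoch seconds.
const sampleAlerts = [
  { id: "a1", status: "warning",  host: "web-01", startedOn: 1700000300 },
  { id: "a2", status: "critical", host: "db-02",  startedOn: 1700000200 },
  { id: "a3", status: "critical", host: "db-01",  startedOn: 1700000100 },
  { id: "a4", status: "ok",       host: "web-02", startedOn: 1700000000 },
];
console.log(pickPrimaryAlert(sampleAlerts, "status=critical, startedOn").id);
```

With the default value the oldest critical alert (`a3`) is selected; changing the last criterion to `-startedOn` selects the newest critical alert instead.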

If you have not been granted Administrator access to the ServiceNow integration system, you can modify the integration through custom headers. To learn more, see Custom Headers.

Configure the Alert Configuration Module

  1. In the ServiceNow application, navigate to BigPanda>Configuration.
  2. In the Alert Processing - Addon section, select Alert Configuration.
  3. Adjust the configuration to fit the needs of downstream teams.

    | **Field** | **Description** |
    | :-------- | :-------- |
    | Turn on alert processing and associate alerts to an incident? | Enable alert processing features and configuration. Select Yes to enable all other alert table functionality. |
    | Turn on logging for alert processing to help debugging? | Turn on troubleshooting logs for the alert processing features. To reduce noise, we recommend turning logging on only during testing or troubleshooting. |
    | What alert tag contains the hostname field that should map to the CMDB_CI table for alert bindings? | Enter the name of the BigPanda alert tag that contains the host data. |
    | Use the alert Primary Property for the HOST field to look up CMDB CI alert bindings? | An alternate option to identify the host tag. If Yes is selected the primary property tag will be used as the hostname field. |
    | If hosts are not found in the CMDB, should they be automatically added to the CMDB_CI table and listed as “Pending Install”? | This option adds hosts to the CMDB_CI table for any alert that did not successfully match an existing CMDB_CI record. By default, hosts added to the CMDB through this automation will be labeled with the Pending Install status. |
    | What should be the numerical status of new CMDB_CI items (4= “Pending Install”) | If new hosts will be added to the CMDB_CI from unmatched BigPanda alerts, you can use this field to adjust the status of created hosts. |
    | Use the BigPanda View link from the BigPanda activity log in the BigPanda console? | When Yes is selected, the link in the incident activity log will direct to the BigPanda view instead of the standard ServiceNow incident view. |
    | The alert tag that contains the assignment group for mapping alerts or incident tasks to an assignment group? | When a tag is defined, alerts will automatically be assigned to assignment groups based on matched values to ServiceNow assignment groups. |
    | Map a custom tag to the priority field on the alert record? (Used for SLAs and other reporting) | Select Yes if there is a custom alert tag that should define priority. You must define the tag below. |
    | The alert tag name that will be included to create an incident task, the value must be “true”. | Enter a BigPanda alert tag name. If the value sent by that tag is true, an incident task will be created for the alert. |
    | What alert tag from BigPanda should represent severity? This will map over to Priority on the BP alert table. Available values are “critical, major, minor, warning, unknown”. | If you selected Yes to map a custom priority tag, enter the BigPanda alert tag name here. The defined tag must send values in the standard BigPanda severity values. |
    | Have you installed the add-on for BigPanda alert tables (BP alerts)? (This add-on requires a table entitlement and cannot be used with ServiceNow Event Management Tables.) | Select Yes to enable the creation of BigPanda alerts in the BP alert table. |
    | Enable the similar incidents tab for the BigPanda incidents view? | Select Yes to generate the Similar Incidents tab in the BigPanda view. |
    | Enable the RCC tab on the BigPanda incidents view? | Select Yes to generate the RCC tab in the BigPanda view. |
    | Parse events into the incident tasks table? (BETA) | Select Yes to generate the Incident Tasks table in the BigPanda view. |
    | Enable AIA descriptions and remove the alert summary? | Select Yes to generate the Automated Incident Analysis tab in the BigPanda view. This will overwrite the existing description field. |

Uninstall the Integration

Deleting an integration requires that you remove the integration in both the integrated system and BigPanda. We recommend that you first uninstall the integration on the integrated system to prevent traffic from being sent and rejected by BigPanda, since the app_key will not exist once you delete the integration in BigPanda.

❗️

Caution During Replacement

When replacing an existing integration with a new tool or system, we recommend configuring the new integration first to ensure no data is lost.

Disable the Integration

You can stop sending change data to BigPanda but preserve your configuration settings by disabling the integration in ServiceNow.

  1. In the ServiceNow application, navigate to BigPanda > Configuration.
  2. In the Incidents, Alert Processing - Add On, or Maintenance Plan section, de-select the Active checkbox.
  3. Save the configuration.

Stop sending data to BigPanda

Disable any settings that send data to BigPanda.

Within ServiceNow, navigate to System Applications > Applications.

  1. Click on the BigPanda app.
  2. Select the module you wish to delete and click the related Uninstall link.
  3. Click OK.
  4. Confirm when the dialogue box appears.

❗️

Process will Vary

Coordinate with your system architects to ensure that any changes to your ServiceNow integration follow your organizational processes and policies. If you have questions about downstream impacts within BigPanda, please reach out to your account team.

Delete the Integration in BigPanda

Take the following steps to delete the integration from BigPanda:

  1. In BigPanda, navigate to the Integrations tab and select the desired integration from the list.
  2. In the integration details on the right of the page, click the trash icon, then confirm you want to delete the integration. The integration will be removed immediately.

❗️

No Data Removal

This procedure does not remove any data from BigPanda or the integrated system. As needed, remove data from each system before deleting the integration.