HomeGuidesAPI ReferenceChangelog
Log In
Guides

ServiceNow

Suggest Edits

ServiceNow CLI

This CLI is provided to perform batch processing and incident assignment using the ServiceNow Platform. It is designed to perform bulk processing of RegScale issues to create, update, and otherwise sync with ServiceNow to perform automated incident assignment in support of ITIL business processes. The CLI currently supports the below functionality:

  • issues - syncs issues from RegScale and auto-assigns incidents in ServiceNow while cross-linking their IDs
  • sync_work_notes - sync work notes from ServiceNow to existing issues in RegScale
  • issues_and_attachments - bi-directional sync between ServiceNow incidents and RegScale issues and their attachments

Init.yaml Configuration

There are multiple pieces of information needed to configure the ServiceNow integration via the CLI:

  • snowUrl - base URL of your ServiceNow instance
  • snowUserName - ServiceNow User Name
  • snowPassword - ServiceNow password for this user

The first step is to get the ServiceNow Url for your organization's account. This is the base URL of your ServiceNow instance. An example ServiceNow Url is as follows: https://dev12345.service-now.com/. Next, setup an account with appropriate permissions to create incidents and store the username and password in the init.yaml file.

Issue Processing Workflow

The CLI currently supports processing RegScale issues to create ServiceNow incidents. The issue processing workflow is shown below:

  • The user first logs into RegScale via the CLI to set the access token or otherwise creates a service account as described in the CLI Login documentation
  • The user then calls the CLI to process ServiceNow incidents while setting the following flags:
    • regscale_id - the ID # of the RegScale record associated with these issues
    • regscale_module - the RegScale module of the record associated with these issues, please view RegScale Modules for options.
    • snow_assignment_group - the Assignment Group Name in ServiceNow responsible for remediating these incidents (Case sensitive)
    • snow_incident_type - the default incident type that should be used when creating the incidents
  • The CLI then retrieves all existing issues in RegScale for the key value pair provided above
  • The CLI then processes through all retrieved RegScale issues and does the following:
    • Sees if a RegScale issue already exists, if not, it creates a new incident in ServiceNow
    • CLI then saves the ServiceNow Incident sys_id in the RegScale issue to establish a linking

The CLI provides detailed logging throughout the process to indicate progress and to provide troubleshooting in case of problems.

Issue And Attachments Processing Workflow

ServiceNow ACLs

The issues_and_attachments command requires changes to the label_entry table to allow write access to two columns: table and table_key. This table is used to associate tags to records which is used to add tags to incidents that are related to RegScale issues. The tags will be named regscale-REGSCALE_MODULE-REGSCALE_ID where REGSCALE_MODULE and REGSCALE_ID are the values provided when running the command.

In order to update these fields, contact your ServiceNow administrator to do so. If you are a ServiceNow administrator, you can use this .XML file: label_entry_update_acls.xml to update the label_entry table permissions.

The CLI currently supports processing RegScale issues and ServiceNow incidents. The issue processing workflow is shown below:

  • The user first logs into RegScale via the CLI to set the access token or otherwise creates a service account as described in the CLI Login documentation
  • The user then calls the CLI to process ServiceNow incidents while setting the following flags:
    • regscale_id - the ID # of the RegScale record associated with these issues
    • regscale_module - the RegScale module of the record associated with these issues, please view RegScale Modules for options.
    • snow_assignment_group - the Assignment Group Name in ServiceNow responsible for remediating these incidents (Case sensitive)
    • snow_incident_type - the default incident type that should be used when creating the incidents
    • sync_attachments - whether to sync attachments between ServiceNow and RegScale, defaults to True
    • all - whether to sync all incidents from ServiceNow to RegScale, defaults to True
  • The CLI then retrieves all existing issues in RegScale for the key value pair provided above
  • Then it will fetch all Incidents from ServiceNow, unless --all False was used, then it will use Tags in service now that match the RegScale key value pair provided above
  • The CLI then processes through all retrieved ServiceNow incidents and does the following:
    • Sees if ServiceNow has the incident in RegScale, if not an incident is created in ServiceNow with the provided snow_indident_type and the issue in RegScale is updated to include the new ServiceNow incident ID
    • Sees if RegScale has all the incidents from ServiceNow, if not it is created in RegScale with the information associated with the incident in ServiceNow
    • If the issues already exist in both ServiceNow and RegScale they are compared against one another and updated
    • When using sync_attachments as True, the attachments for both the RegScale issue and SerivceNow indients, are compared to prevent duplication and the attachments will match in both Regscale and ServiceNow

The CLI provides detailed logging throughout the process to indicate progress and to provide troubleshooting in case of problems.

Issue CLI Command Example

The following command provides an example of processing ServiceNow incidents for a given RegScale System Security Plan (SSP). These commands can be easily adapted for the customer's specific use case. The steps are shown below:

  • Log into RegScale to set the token which is good for 24 hours and will secure all future RegScale API calls (NOTE: You can skip this step if you are using a RegScale Service Account)
regscale login
  • Process the appropriate level of issues for the given record
regscale servicenow  issues --regscale_id=5 --regscale_module="securityplans" --snow_assignment_group="zzzzzff3c611227d01d25feac2afffff" --snow_incident_type="3 - Low"

Init.yaml Example

For a basic ServiceNow integration with RegScale, the following init.yaml structure is necessary (example/notional key structure shown below, replace with actual customer keys):

domain: https://mycompany.regscale.com
token: Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVC38.eyJzdWIiOiJob3dpZWF2cCIsImp0aSI6ImI0NDIxMjRhLTYxOWEtNGI1Mi1hMzUzLTA5YzdjZTRmM2JmOCIsImlhdCI6MTY0NDc4NzY4MiwiaHR0cDovL3NjaGVtYXMueG1sc29hcC5vcmcvd3MvMjAwNS8wNS9pZGVudGl0eS9jbGFpbXMvbmFtZWlkZW50aWZpZXIiOiJjOWY1NzllMi1hOGM4LTRjMDItOGU5MS1jZTEyMmExYWE1MTciLCJodHRwOi8vc2NoZW1hcy54bWxzb2FwLm9yZy93cy8yMDA1LzA1L2lkZW50aXR5L2NsYWltcy9uYW1lIjoiaG93aWVhdnAiLCJodHRwOi8vc2NoZW1hcy5taWNyb3NvZnQuY29tL3dzLzIwMDgvMDYvaWRlbnRpdHkvY2xhaW1zL3JvbGUiOiJBZG1pbmlzdHJhdG9yIiwibmJmIjoxNjQ0Nzg3NjgyLCJleHAiOjE2NDQ4NzQwODIsImlzcyI6IkF0bGFzIiwiYXVkIjoiaHR0cDovL2xvY2FsaG9zdDo1MDAwLyJ9.SkjmRktGLkljysVeoRqcx_hHiVR2gjcA2uZiSJbVkPc
userId: c9f579e2-a8c9-4c02-8e91-ce122a1aa518
snowUrl: https://dev12345.service-now.com/
snowUserName: admin
snowPassword: myPassword

Building a Bash Script to Execute the CLI

You can chain together RegScale CLI commands using scripts. These scripts could be in Bash, Python, PowerShell, etc. Below is an example Bash file (named "regscaleScheduler.sh") in Ubuntu for executing the ServiceNow CLI that pulls all issues after authenticating and assigns them to a specific assignment group in ServiceNow:

#!/bin/sh
regscale login
regscale servicenow --regscale_id=5 --regscale_module="securityplans" --snow_assignment_group="zzzzzff3c611227d01d25feac2afffff" --snow_incident_type="3 - Low"

To execute the Bash file, run this command: . regscaleScheduler.sh. You can chain together any arbitrary set of CLI commands to have them execute sequentially.

Updated 3 months ago