ServiceNow
ServiceNow CLI
This CLI is provided to perform batch processing and incident assignment using the ServiceNow Platform. It is designed to perform bulk processing of RegScale issues to create, update, and otherwise sync with ServiceNow to perform automated incident assignment in support of ITIL business processes. The CLI currently supports the below functionality:
issues
- syncs issues from RegScale and auto-assigns incidents in ServiceNow while cross-linking their IDssync_work_notes
- sync work notes from ServiceNow to existing issues in RegScaleissues_and_attachments
- bi-directional sync between ServiceNow incidents and RegScale issues and their attachments
Init.yaml Configuration
There are multiple pieces of information needed to configure the ServiceNow integration via the CLI:
snowUrl
- base URL of your ServiceNow instancesnowUserName
- ServiceNow User NamesnowPassword
- ServiceNow password for this user
The first step is to get the ServiceNow Url for your organization's account. This is the base URL of your ServiceNow instance. An example ServiceNow Url is as follows: https://dev12345.service-now.com/
. Next, setup an account with appropriate permissions to create incidents and store the username and password in the init.yaml
file.
Issue Processing Workflow
The CLI currently supports processing RegScale issues to create ServiceNow incidents. The issue processing workflow is shown below:
- The user first logs into RegScale via the CLI to set the access token or otherwise creates a service account as described in the CLI Login documentation
- The user then calls the CLI to process ServiceNow incidents while setting the following flags:
regscale_id
- the ID # of the RegScale record associated with these issuesregscale_module
- the RegScale module of the record associated with these issues, please view RegScale Modules for options.snow_assignment_group
- the Assignment Group Name in ServiceNow responsible for remediating these incidents (Case sensitive)snow_incident_type
- the default incident type that should be used when creating the incidents
- The CLI then retrieves all existing issues in RegScale for the key value pair provided above
- The CLI then processes through all retrieved RegScale issues and does the following:
- Sees if a RegScale issue already exists, if not, it creates a new incident in ServiceNow
- CLI then saves the ServiceNow Incident
sys_id
in the RegScale issue to establish a linking
The CLI provides detailed logging throughout the process to indicate progress and to provide troubleshooting in case of problems.
Issue And Attachments Processing Workflow
ServiceNow ACLs
The issues_and_attachments
command requires changes to the label_entry
table to allow write access to two columns: table
and table_key
. This table is used to associate tags to records which is used to add tags to incidents that are related to RegScale issues. The tags will be named regscale-REGSCALE_MODULE-REGSCALE_ID
where REGSCALE_MODULE
and REGSCALE_ID
are the values provided when running the command.
In order to update these fields, contact your ServiceNow administrator to do so. If you are a ServiceNow administrator, you can use this .XML file: label_entry_update_acls.xml to update the label_entry
table permissions.
The CLI currently supports processing RegScale issues and ServiceNow incidents. The issue processing workflow is shown below:
- The user first logs into RegScale via the CLI to set the access token or otherwise creates a service account as described in the CLI Login documentation
- The user then calls the CLI to process ServiceNow incidents while setting the following flags:
regscale_id
- the ID # of the RegScale record associated with these issuesregscale_module
- the RegScale module of the record associated with these issues, please view RegScale Modules for options.snow_assignment_group
- the Assignment Group Name in ServiceNow responsible for remediating these incidents (Case sensitive)snow_incident_type
- the default incident type that should be used when creating the incidentssync_attachments
- whether to sync attachments between ServiceNow and RegScale, defaults to Trueall
- whether to sync all incidents from ServiceNow to RegScale, defaults to True
- The CLI then retrieves all existing issues in RegScale for the key value pair provided above
- Then it will fetch all Incidents from ServiceNow, unless
--all False
was used, then it will use Tags in service now that match the RegScale key value pair provided above - The CLI then processes through all retrieved ServiceNow incidents and does the following:
- Sees if ServiceNow has the incident in RegScale, if not an incident is created in ServiceNow with the provided
snow_indident_type
and the issue in RegScale is updated to include the new ServiceNow incident ID - Sees if RegScale has all the incidents from ServiceNow, if not it is created in RegScale with the information associated with the incident in ServiceNow
- If the issues already exist in both ServiceNow and RegScale they are compared against one another and updated
- When using
sync_attachments
as True, the attachments for both the RegScale issue and SerivceNow indients, are compared to prevent duplication and the attachments will match in both Regscale and ServiceNow
- Sees if ServiceNow has the incident in RegScale, if not an incident is created in ServiceNow with the provided
The CLI provides detailed logging throughout the process to indicate progress and to provide troubleshooting in case of problems.
Issue CLI Command Example
The following command provides an example of processing ServiceNow incidents for a given RegScale System Security Plan (SSP). These commands can be easily adapted for the customer's specific use case. The steps are shown below:
- Log into RegScale to set the token which is good for 24 hours and will secure all future RegScale API calls (NOTE: You can skip this step if you are using a RegScale Service Account)
regscale login
- Process the appropriate level of issues for the given record
regscale servicenow issues --regscale_id=5 --regscale_module="securityplans" --snow_assignment_group="zzzzzff3c611227d01d25feac2afffff" --snow_incident_type="3 - Low"
Init.yaml Example
For a basic ServiceNow integration with RegScale, the following init.yaml
structure is necessary (example/notional key structure shown below, replace with actual customer keys):
domain: https://mycompany.regscale.com
token: Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVC38.eyJzdWIiOiJob3dpZWF2cCIsImp0aSI6ImI0NDIxMjRhLTYxOWEtNGI1Mi1hMzUzLTA5YzdjZTRmM2JmOCIsImlhdCI6MTY0NDc4NzY4MiwiaHR0cDovL3NjaGVtYXMueG1sc29hcC5vcmcvd3MvMjAwNS8wNS9pZGVudGl0eS9jbGFpbXMvbmFtZWlkZW50aWZpZXIiOiJjOWY1NzllMi1hOGM4LTRjMDItOGU5MS1jZTEyMmExYWE1MTciLCJodHRwOi8vc2NoZW1hcy54bWxzb2FwLm9yZy93cy8yMDA1LzA1L2lkZW50aXR5L2NsYWltcy9uYW1lIjoiaG93aWVhdnAiLCJodHRwOi8vc2NoZW1hcy5taWNyb3NvZnQuY29tL3dzLzIwMDgvMDYvaWRlbnRpdHkvY2xhaW1zL3JvbGUiOiJBZG1pbmlzdHJhdG9yIiwibmJmIjoxNjQ0Nzg3NjgyLCJleHAiOjE2NDQ4NzQwODIsImlzcyI6IkF0bGFzIiwiYXVkIjoiaHR0cDovL2xvY2FsaG9zdDo1MDAwLyJ9.SkjmRktGLkljysVeoRqcx_hHiVR2gjcA2uZiSJbVkPc
userId: c9f579e2-a8c9-4c02-8e91-ce122a1aa518
snowUrl: https://dev12345.service-now.com/
snowUserName: admin
snowPassword: myPassword
Building a Bash Script to Execute the CLI
You can chain together RegScale CLI commands using scripts. These scripts could be in Bash, Python, PowerShell, etc. Below is an example Bash file (named "regscaleScheduler.sh") in Ubuntu for executing the ServiceNow CLI that pulls all issues after authenticating and assigns them to a specific assignment group in ServiceNow:
#!/bin/sh
regscale login
regscale servicenow --regscale_id=5 --regscale_module="securityplans" --snow_assignment_group="zzzzzff3c611227d01d25feac2afffff" --snow_incident_type="3 - Low"
To execute the Bash file, run this command: . regscaleScheduler.sh
. You can chain together any arbitrary set of CLI commands to have them execute sequentially.
Updated 4 months ago