ServiceNow - Request Catalog Item

The ServiceNow - Request Catalog Item action orders a service cart item from the service catalog for:

Assets returned by the selected query or assets selected on the relevant asset page.

See Creating Enforcement Sets to learn more about adding Enforcement Actions to Enforcement Sets.

📘
Note:

Not all asset types are supported for all Enforcement Actions.

See Actions supported for Activity Logs, Adapters Fetch History, and Asset Investigation modules.

See Actions supported for Vulnerabilities.

See Actions supported for Software.

Required Fields

These fields must be configured to run the Enforcement Set.

Action name - The name of this Enforcement Action. The system sets a default name. You can change the name.
Configure Dynamic Values - Toggle on to enter a Dynamic Value statement. See Creating Enforcement Action Dynamic Value Statements to learn more about Dynamic Value statement syntax.

Use stored credentials from ServiceNow adapter - Select this option to use the ServiceNow connected adapter credentials. By default, the first connection is selected.
- When you select this option, the Select Adapter Connection dropdown is available, and you can choose the adapter connection to use for this Enforcement Action.

📘
Note
To use this option, you must successfully configure a ServiceNow adapter connection.

SYS ID - The ID of the requested item.
Compute Node - The Axonius node to use when connecting to the specified host. For more details, see Working with Axonius Compute Nodes.

Additional Fields

These fields are optional.

💡
Connection and Credentials

When Use stored credentials from the adapter is toggled off, some of the connection fields below are required to create the connection, while other fields are optional.

ServiceNow Domain - The URL of the ServiceNow instance. For example: https://myinstance.service-now.com

User Name and Password - The credentials for a user account that has the Required Permissions to perform this action.

Client ID and Client Secret - The OAuth Client ID and Client Secret for OAuth access to ServiceNow. Refer to OAuth 2.0 with Inbound REST for full details on how to obtain the OAuth Token.

Refresh Token - When using the OAuth method of authentication, enter the value of the Refresh Token issued by a ServiceNow instance.

Verify SSL (optional) - Select whether to verify the SSL certificate of the server against the CA database inside of Axonius. For more details, see SSL Trust & CA Settings.

HTTPS Proxy (optional) - Connect the adapter to a proxy instead of directly connecting it to the domain.

Attach CSV on requested item (RITM) instead of on request - If the Send CSV data option is enabled, enabling this option attaches the CSV on the requested item (RITM) instead of on the request itself (REQ).

Request Body Parameters

Quantity - The number of catalog items to request. Equivalent to sysparm_quantity.

Additional fields - Name-value pairs of all mandatory cart item variables. Request will fail if required attributes are not specified.

API -Product Documentation | ServiceNow - Service Catalog - POST Orders the specified catalog item

For example:

{
"remediation_due_date": "2023-03-14",
 "remediation_risk_rating": "remediation_risk_low",
 "remediation_vulnerability_source": "Tenable",
 "remediation_cve": "CVE-2023-12345",
 "common_comments": "This is a Comment",
 "remediation_short_description": "This is a description",
 "requested_by": "e9846652588cd013a892c6db65422",
 "remediation_assignment_group": "44eb8c11db6bd200d1d6f1fcbf667ee"
 }

APIs

Axonius uses the following API:

Product Documentation | ServiceNow - General

Required Permissions

The stored credentials, or those provided in Connection and Credentials, must have the following permission(s) to perform this Enforcement Action:

Permission to create requests

For more details about other Enforcement Actions available, see Action Library.

Updated about 11 hours ago