ServiceNow
  • 03 Nov 2022
  • 19 Minutes to read
  • Dark
    Light
  • PDF

ServiceNow

  • Dark
    Light
  • PDF

ServiceNow provides service management software as a service, including IT services management (ITSM), IT operations management (ITOM), and IT business management (ITBM).

Types of Assets Fetched

This adapter fetches the following types of assets:

  • Devices
  • Users

About ServiceNow

Use cases the adapter solves

An accurate Configuration Management Database (CMDB) is crucial for your ITSM program. It can often be a single source of truth for tracking and managing IT assets. Axonius will collect data across multiple different adapters to perform CMDB Reconciliation and Maintenance.

Data retrieved by ServiceNow
The data retrieved from ServiceNow is highly customizable as each deployment can vary greatly. By default, Axonius will connect to the following tables and their child tables (tables can be added or removed with the adapter settings).

  • cmdb_ci_computer
  • cmdb_ci_vm
  • cmdb_ci_vm_instance
  • cmdb_ci_printer
  • cmdb_ci_netgear
  • u_cmdb_ci_computer_atm
  • cmdb_ci_comm
  • cmdb_ci_cluster
  • cmdb_ci_cluster_vip
  • cmdb_ci_facility_hardware
  • cmdb_ci_msd
  • cmdb_ci_vpn

Axonius will connect to the user tables to fetch user information if enabled.

Enforcements

To properly reconcile and maintain the ServiceNow CMDB, Axonius has Enforcement Center actions to create and update devices in ServiceNow. Furthermore, Axonius can also create ServiceNow incidents based on device or user data in Axonius. This can be helpful when devices require manual intervention or when user accounts require updates.


Parameters

  1. ServiceNow Domain (required) - The hostname or IP address of the ServiceNow server. This field format is 'https://[instance].service-now.com'.
  2. User Name and Password (required) - The credentials for a user account that has the Required Permissions to fetch assets.
  3. Client ID and Client Secret (optional) - The OAuth Client ID and Client Secret for OAuth access to ServiceNow. Refer to OAuth 2.0 with Inbound REST for full details on how to obtain the OAuth Token.
  1. Refresh Token - When using the OAuth method of authentication, enter the value of the Refresh Token issued by a ServiceNow instance.

  2. Verify SSL - Select to verify the SSL certificate offered by the value supplied in ServiceNow Domain. For more details, see SSL Trust & CA Settings.

  3. HTTPS Proxy (optional) - A proxy to use when connecting to the value supplied in ServiceNow Domain.

  4. Fetch devices updated in ServiceNow in the last X hours (0: All) (optional, default: 0)

    • If supplied, this connection will fetch only devices that have been updated in ServiceNow in the last specified number of hours.
    • If not supplied or if '0' is supplied, this connection will fetch all devices from ServiceNow.
  5. Fetch users updated in ServiceNow in the last X hours (0: All) (optional, default: 0)

    • If supplied, this connection will fetch only users that have been updated in ServiceNow in the last specified number of hours.
    • If not supplied or if '0' is supplied, this connection will fetch all users from ServiceNow.
  6. Fetch users created in ServiceNow in the last X hours (0: All) (optional, default: 0)

    • If supplied, this connection will fetch only user that have been created in ServiceNow in the last specified number of hours.
    • If not supplied or if '0' is supplied, this connection will fetch all users from ServiceNow.
  7. Enable Client Side Certificate - Select to enable Axonius to send requests using the certificates uploaded to allow Mutual TLS configuration for this adapter. When you select this option, 2 more fields are displayed.

    TLSonAdapter.png

    • Click Choose file next to Client Private Key File to upload a client private key file in PEM format
    • Click Choose file next to Client Certificate File to upload a public key file in PEM format
  8. To learn more about common adapter connection parameters and buttons, see Adding a New Adapter Connection.

ServiceNow2

Advanced Settings

Note:

From Version 4.6, Advanced settings can either apply for all connections for this adapter, or you can set different advanced settings and/or different scheduling for a specific connection, refer to ​Advanced Configuration for Adapters.

  1. Fetch users data (required, default: True) - If enabled, all connections for this adapter will fetch user data and add relevant user fields to the devices (for example: Owner, Assigned To, etc.).

    • The Users table in ServiceNow is a huge table. Therefore, fetching its data requires more time, RAM and CPU from the adapters connections.
    • If this option is unchecked, all connections for this adapter will not fetch any data from the Users table at all. As a result, a lot of ServiceNow device information will be missing.
  2. Create users (required, default: True)

    • If enabled, Axonius will create ServiceNow user entities from the user data fetched from all connections for this adapter. Users will be created only if you have checked the Fetch Users Data option.
    • If disabled, Axonius will not create ServiceNow user entities from the user data fetched from all connections for this adapter.
  3. Use existing user data during device fetching

    • If enabled, all connections for this adapter will add various user fields to the devices (for example: Owner, Assigned To, etc.) based on the associated Users Assets fields. The Fetch users data option will be ignored.
    • If disabled, all connections for this adapter will not add various user fields to the devices (for example: Owner, Assigned To, etc.) based on the associated Users Assets fields.
  4. Fetch VPN devices from 'cmdb_ci_vpn' table (required, default: True)

    • If enabled, all connections for this adapter fetch VPN devices from 'cmdb_ci_vpn' table.
    • If disabled, all connections for this adapter will not fetch VPN devices from 'cmdb_ci_vpn' table.
  5. Fetch IP addresses (required, default: True)

    • If enabled, all connections for this adapter will collect information on device IP addresses.
    • If disabled, all connections for this adapter will not collect information on device IP addresses.
  6. Exclude disposed and decommissioned devices

    • If enabled, all connections for this adapter will not collect information on devices if their status in ServiceNow is 'Disposed' or 'Decommissioned'.
    • If disabled, all connections for this adapter will collect information on devices with any status in ServiceNow.
  7. Do not fetch devices without IP address, MAC address and serial number

    • If enabled, all connections for this adapter will only collect information on devices if they have an IP address, MAC address, or serial number.
    • If disabled, all connections for this adapter will collect information on devices even if they have no IP address, no MAC address, and no serial number.
  8. Use 'cmdb_ci' table instead of 'alm_asset' table for install status

    • If enabled, all connections for this adapter will collect the Install Status from the 'cmdb_ci' table.
    • If disabled, all connections for this adapter will collect the Install Status from the 'alm_asset' table.
  9. Exclude VMs tables

    • If enabled, all connections for this adapter will not collect device assets from tables in ServiceNow that are related to Virtual Machines.
    • If disabled, all connections for this adapter will collect device assets also from tables in ServiceNow that are related to Virtual Machines.
  10. Users Email include list (optional) - Specify a comma-separated list of user emails.

    • If supplied, all connections for this adapter will only fetch users whose emails contains any of the comma-separated list of user emails that have been defined in this field. (Note that the emails defined don't have to be full email addresses since Contains is used).
    • If not supplied, all connections for this adapter will fetch users with any email.
  11. Fetch only active users

    • If enabled, all connections for this adapter will fetch only active users.
    • If disabled, all connections for this adapter will fetch all users regardless of whether they are active or not.
  12. Install status number exclude list (optional) - Specify a comma-separated list one or more numbers that represent install status to exclude from the fetched data.

    • If supplied, all connections for this adapter will not fetch devices from ServiceNow if their install status is in the specified list.
    • If not supplied, all connections for this adapter will fetch all devices from ServiceNow, regardless of their install status.
  13. Install status number include list (optional) - Specify a comma-separated list of one or more numbers that represent install status to include in the fetched data.

    • If supplied, all connections for this adapter will only fetch devices from ServiceNow if their install status is in the specified list.
      • The values supplied in this field are applicable only if Install status number exclude list is empty.
    • If not supplied, all connections for this adapter will fetch all devices from ServiceNow, regardless of their install status.
  14. Operational status number exclude list (optional) - Specify a comma-separated list of one or more numbers that represent operational status to exclude from the fetched data.
    15. If supplied, all connections for this adapter will not fetch devices from ServiceNow if their operational status is in the specified list.
    16. If not supplied, all connections for this adapter will fetch all devices from ServiceNow, regardless of their operational status.

  15. Operational status number include list (optional, default: empty) - Specify a comma-separated list of one or more numbers that represent operational status to include in the fetched data.

    • If supplied, all connections for this adapter will only fetch devices from ServiceNow if their operational status is in the specified list.
      • The values supplied in this field are applicable only if Operational status number exclude list is empty.
    • If not supplied, all connections for this adapter will fetch all devices from ServiceNow, regardless of their operational status.
  16. Fetch only virtual devices

    • If enabled, all connections for this adapter will fetch only virtual device assets from ServiceNow.
    • If disabled, all connections for this adapter will fetch any device asset from ServiceNow.
  17. Fetch operational status (required, default: True)

    • If enabled, all connections for this adapter will fetch also the operational status of device assets from ServiceNow.
    • If disabled, all connections for this adapter will not fetch the operational status of device assets from ServiceNow.
  18. Fetch device relations (required, default: True)

    • If enabled, all connections for this adapter will fetch also the device relations of device assets from ServiceNow.
    • If disabled, all connections for this adapter will not fetch the device relations of device assets from ServiceNow.
  19. Fetch upstream related Application Services information

    • If enabled, all connections for this adapter will parse information from the Application Services table (cmdb_ci_service_discovered) of any application service existing in a device upstream relations.
    • If disabled, all connections for this adapter will not parse information from the Application Services table.
  20. Fetch upstream related Application Services extended information - Select whether to fetch information from the cmdb_ci_service_auto table and additional fields from the cmdb_ci_service_discovered table not fetched by the Fetch upstream related Application Services information parameter.

  21. Fetch upstream related Certificate information

    • If enabled, all connections for this adapter will fetch the certificate information of device assets from ServiceNow.
    • If disabled, all connections for this adapter will not fetch the certificate information of device assets from ServiceNow.
  22. Fetch upstream related Business Application - Select whether to fetch the Business Application information of device assets from ServiceNow.

  23. Fetch upstream related Application from 'cmdb_ci_appl' table (optional, default: False) - Select to fetch information from the 'cmdb_ci_appl' table about applications related to a device.

  24. When hostname does not exist, use asset name as hostname

    • If enabled, all connections for this adapter will set the asset name as the hostname for the device in ServiceNow if a hostname does not exist.
    • If disabled, all connections for this adapter will set the hostname of devices as empty.
  25. Fetch active compliance policy exceptions

    • If enabled, all connections for this adapter will link 'active' compliance policy exceptions as identified by ServiceNow Governance, Risk and Compliance (GRC) to the respective devices.
    • If disabled, all connections for this adapter will not link any compliance policy exceptions to devices.
  26. Do not fetch devices or users marked as excluded

    • If enabled, all connections for this adapter will not fetch assets that have the u_exclude_from_discovery field set as True in ServiceNow.
    • If disabled, all connections for this adapter will fetch all assets from ServiceNow.
    Note:

    As a prerequisite, u_exclude_from_discovery field must be created and defined in ServiceNow as a Boolean field.

  27. RAM from source in GB - Select whether to display RAM data fetched from ServiceNow in GB memory units.

    • If enabled, all connections for this adapter will display the RAM data fetched from ServiceNow in GB memory units.
    • If disabled, all connections for this adapter will display the RAM data fetched from ServiceNow in MB memory units.
  28. Fetch only IPv4 for devices (exclude IPv6) - Select whether to only fetch IP addresses in IPv4 format for devices. By default Axonius fetches IP addresses both in IPv4 format and IPv6 format.

  29. Fetch OS information from 'cmdb_software_product_model' (required, default: True) - Enable this setting if the 'u_operating_system' field value is a reference to the 'cmdb_software_product_model' table and you want to fetch information about the operating system of a device.

    • If enabled, all connections for this adapter will fetch operating system information using the defined reference.
    • If disabled, all connections for this adapter will fetch operating system information using the 'u_operating_system' field value, ignoring any references.
  30. Fetch model information from 'cmdb_model' (required, default: True) - Enable this setting If the 'model_id' field value is a reference to the cmdb_model table.

    • If enabled, all connections for this adapter will use the reference in the 'model_id' field to fetch the device_model and device_manufacturer from the cmdb_model table.
    • If disabled, all connections for this adapter will fetch only the value of the 'model_id'.
  31. Fetch software package information from 'cmdb_sam_sw_install' table

    • If enabled, all connections for this adapter will fetch software package information from the 'cmdb_sam_sw_install' table.
    • If disabled, all connections for this adapter will not fetch software package information.
  32. Fetch business unit from 'business_unit' table - Select whether to fetch 'Assigned To Business Unit' field from the 'business_unit' table.

    • If enabled, all connections for this adapter will fetch 'Assigned To Business Unit' field from the 'business_unit' table.
    • If disabled, all connections for this adapter will fetch 'Assigned To Business Unit' field from other tables.
  33. Fetch NIC information from 'cmdb_ci_network_adapter' table (required, default: True)

    • If enabled, all connections for this adapter will fetch network interface information from the cmdb_ci_network_adapter table and from the matching cmdb_ci_ip_address table.
    • If disabled, all connections for this adapter will not fetch network interface information from the cmdb_ci_network_adapter table and from the matching cmdb_ci_ip_address table.
  34. Fetch only discovered NICS with IP information from 'cmdb_ci_network_adapter' table (optional) - Select whether to fetch network interface information from the cmdb_ci_network_adapter table that have an IP address.

  35. Fetch Platform Offering from ‘service_offering' table (optional) - Select to fetch information from the ‘service_offering’ table.

  36. Fetch Device contract information from 'ast_contract' for the following parent contract numbers (optional) - Specify a comma-separated list of parent contract numbers. This option requires the 'Contract Management' plugin.

    • If supplied, all connections for this adapter will fetch contract information (number, short description) for the specified list, and will add the contract information to the devices associated with to the contract (Contracts complex field), based on the relationship defined in ServiceNow.
    • If not supplied, all connections for this adapter will not fetch contract information.
  37. Fetch Device divestiture contract information from 'ast_contract' for the following parent contract numbers (optional) - Specify a comma-separated list of parent contract numbers. This option requires the 'Contract Management' plugin.

    • If supplied, all connections for this adapter will fetch divestiture contract information (number, short description) for the specified list, and will add the divestiture contract information to the devices associated with to the contract (Divestiture Contracts complex field), based on the relationship defined in ServiceNow.
    • If not supplied, all connections for this adapter will not fetch divestiture contract information.
  38. Fetch only parsed fields for users

    • If disabled (default setting), fetches all fields from ServiceNow, shows them all in “view advanced” section and parses only the fields required.
    • If enabled, only parsed fields are fetched from ServiceNow.
  39. Use 'last_discovered' device field exclusively as 'last_seen'

    • When enabled, all connections for this adapter will compute the 'last_seen' field from the 'last_discovered' raw field, if this field does not exist 'last_seen' will not exist.
    • When disabled, all connections for this adapter will use max('last_discovered', ‘sys_updated_on’) to compute last_seen.
  40. Fetch from the following Read Replica category (Must be supported on instance (optional) - Specify the name of a 'Read Replica' of the 'Operational' database to remove the load from the main database. The value must be an existing 'Read Replica Category' within ServiceNow. This depends on configuration in ServiceNow.

    • When supplied all connections for this adapter will fetch all data from the replica ServiceNow database instead of from the main database.
    • When not supplied, all connections for this adapter will fetch data from the main database.
  41. Use the following field when filtering last updated (optional) - Enter a ServiceNow field name to be used as the field that Axonius filters by for the following configurations Fetch devices updated in ServiceNow in the last X hours and
    Fetch users updated in ServiceNow in the last X hours

    • If a field is set, all connections for this adapter will fetch devices or users which have the set field that was updated in the time defined.
    • When not supplied, all connections for this adapter will fetch devices or users which were last updated according to the ‘sys_updated_on’ ServiceNow field.
  42. Include devices if they have the following field with the following value(s) (optional) - Enter one or more ServiceNow tables with a specified value, in the format (table_name:)field_name:(filtered_value,filtered_value). Separate entries with semi-colons. The table name must be exactly one of the values listed here: cmdb_ci_computer,cmdb_ci_vm,cmdb_ci_vm_instance,cmdb_ci_printer,cmdb_ci_netgear,u_cmdb_ci_computer_atm,cmdb_ci_comm,cmdb_ci_cluster,cmdb_ci_cluster_vip,cmdb_ci_facility_hardware,cmdb_ci_msd,u_cmdb_ci_dinar_infrastructure_object,cmdb_ci_vpn.

    • If a field is supplied, all connections for this adapter will fetch devices which have a ServiceNow table that contains a field with the value defined.
  43. Exclude devices if they have the following field with the following value(s) (optional) - Enter one or more ServiceNow tables with a specificed value, in the format (table_name:)field_name:(filtered_value,filtered_value). Separate entries with semi-colons. The following table names are supported: cmdb_ci_computer,cmdb_ci_vm,cmdb_ci_vm_instance,cmdb_ci_printer,cmdb_ci_netgear,u_cmdb_ci_computer_atm,cmdb_ci_comm,cmdb_ci_cluster,cmdb_ci_cluster_vip,cmdb_ci_facility_hardware,cmdb_ci_msd,u_cmdb_ci_dinar_infrastructure_object,cmdb_ci_vpn.

    • If a field is supplied, all connections for this adapter will exclude devices from the adapter fetch which have a ServiceNow table that contains a field with the value defined.
  44. Use subtable cache in delta fetches - Select to obtain subtable cache information (additional device/user information) during delta fetches.

Note:

The ServiceNow user must have access to the sys_audit_delete table to obtain information from the subtable cache.

  1. Skip subtables cache for the following tables (optional) - Enter one or more comma-separated tables to not obtain subtable cache information.
  2. Do not use 'Last Seen' for the following tables (optional) -
    • Enter one or more ServiceNow table names separated by commas that will not be filtered by 'Last Seen'. All connections for this adapter will fetch all of the data from the specified tables from all dates.
    • To avoid calculating 'Last Seen' for all devices, enter * in the field.
  3. Additional device table names (optional) - Enter one or more ServiceNow table names separated by commas from which Axonius will fetch entries and parse them into devices. Table names should be of the format 'cmdb_ci_my_linux_server'
    • You can use this setting in 2 ways:

A list of tables to fetch in addition to the built-in tables. In this case the format should be table_name(, table_name). When the table names are separated by commas.
or
A list of tables with filters. In this case the format should be (table_name(:sysparm_query)(;table_na…)), when sysparm_query is a ServiceNow query with ServiceNow operators as defined in Operators availabe for filters and queries and each table name together with a query (filter) is separated by a semicolon.

  • When supplied all connections for this adapter will fetch data from all of the additional tables listed, make them into devices, then proceed with fetching the default hardcoded subset of tables Axonius usually fetches from. The tables listed in this field take precedence over the default ServiceNow tables queried by Axonius, a Ci fetched from these tables will now be totally ignored as redundant in the later “default” fetching process.
  • When not supplied, all connections for this adapter will not fetch data from any additional tables.
Note:

The settings here for filters on the table names listed in this field apply exclusively to the list of tables in this field. Other advanced settings that you make do not serve as filters to the table names listed in this field.
For example: if Additional device table names==cmdb_ci_ip_switch:install_statusIN1;cmdb_ci_ip_router:install_statusIN1; and** Install status number exclude list**==2,3,4, then all of the ServiceNow built in device tables will be fetched with excluded of install_status of 2,3,4 and the specific tables in Additional device table names will be an “inclusion” of install_status of 1.

  1. Additional user table names (optional) - This is the same as Additional device table names but for user table names.

  2. ServiceNow Fields are true (optional) - Enter one or more parameters, separated by commas, and filter only devices where these parameters are true.

    • When supplied, all connections for this adapter will fetch devices where these parameters are true, and will not fetch devices where these parameters are false. If the device does not have the field, the device is fetched.
    • When not supplied, all connections for this adapter will fetch all devices.
  3. Always populate serial number (optional) - When selected, Device Manufacturer Serial is parsed even if it contains exclusion keywords, such as "VMware Virtual Platform".

  4. Entries fetched per page (required, default: 200) - Specify the maximum number of entries all connections for this adapter fetch per page when connecting the ServiceNow server.
    * The supplied value lets you control the performance of all the connections for this adapter. To reduce the number of requests sent to ServiceNow, but to avoid impact on overall performance, you can reduce the Number of requests to perform in parallel value and increase the Entries fetched per page value.

  5. Ignore retired devices that have not been seen by the source in the last X hours (optional, default: 0) - Enter 1 or more hours to ignore retired devices that have not been seen by the source. A value of 0 means to fetch all devices.

  6. Exclude Devices OS list (optional) - Specify an Operating System name to not fetch devices which run this Operating System.

  7. Number of requests to perform in parallel (required, default: 50) - Specify the maximum parallel request all connections for this adapter will create when connecting the ServiceNow server.

    • This setting lets you control the performance of all the connections for this adapter.
  8. Date Format - Generally, ServiceNow automatically identifies the date format. In some cases, the identification is ambiguous. You can set a specific date format for timestamps in ServiceNow. From the dropdown, select either: Automatically Identify, DD/MM/YYYY or MM/DD/YYYY. The default is Automatically Identify.

  9. Do not add serial number metadata (optional) - When selected, metadata like "VMWare-", "VMWare Inc.", and "VMWare Virtual Platform" will not be added to ServiceNow serial numbers.

  10. Fetch Related PC Attributes - Select to fetch additional PC attribute data.

  11. Fetch Portfolio fields from u_ip_portfolio_mapping table - Select to fetch Portfolio fields in the u_ip_portfolio_mapping table.

Note:

For details about general advanced settings under the Adapter Configuration tab, see Adapter Advanced Settings.

Required Ports

Axonius must be able to communicate with the value supplied in Host Name or IP Address via the following ports:

  • TCP ports 80/443: HTTP/S

Required Permissions

The value supplied in User Name must have Read access to devices.

To create such a user

  1. As an administrator, log into the ServiceNow admin panel and go to the User Administration panel.
    image.png

  2. Click Users and then New. Fill in the details for this user.
    image.png

  3. Create the user and then search for it in the Users screen to configure it. Click Edit to edit the user's attached roles.
    image.png

  4. Assign the "itil", "rest_api_explorer", "web_service_admin" roles and then click Save and finally Update to save the user.
    image.png



Changing your password will log you out immediately. Use the new password to log back in.
First name must have atleast 2 characters. Numbers and special characters are not allowed.
Last name must have atleast 1 characters. Numbers and special characters are not allowed.
Enter a valid email
Enter a valid password
Your profile has been successfully updated.