ServiceNow - Create Assets

General Settings

Enforcement Set name (required) - The name of the Enforcement Set. A default value is added by Axonius. You can change the name according to your needs.
Add description - Click to add a description of the Enforcement Set. It is recommended to describe what the Enforcement Set does.
Run action on assets matching following query (required) - Select an asset category and a query. The Enforcement Action will be run on the assets that match the query parameters.
- A query only returns results for the asset type it was created for.
- Not all asset categories are supported for all Enforcement Actions.
  - See Actions supported for Activity Logs, Adapters Fetch History, and Asset Investigation modules.
  - See Actions supported for Vulnerabilities.
  - See Actions supported for Software.
Action name (required) - The name of the Main action. A default value is added by Axonius. You can change the name according to your needs.
Configure Dynamic Values - Toggle on to enter a Dynamic Value statement. See Creating Enforcement Action Dynamic Value Statements to learn more about Dynamic Value statement syntax.

Use stored credentials from the ServiceNow adapter - Select this option to use the connected ServiceNow adapter credentials.

When you select this option, the Select Adapter Connection drop-down is available, and you can choose which adapter connection to use for this Enforcement Action.
When not enabled, see Connection Parameters

Note:

To use this option, you must successfully configure a ServiceNow adapter connection.

Required Fields

These fields must be configured to run the Enforcement Set.

Retry count (default: 1) - If the action fails, Axonius will retry to execute it this many times for each device.

Compute Node - The Axonius node to use when connecting to the specified host. For more details, see Connecting Additional Axonius Nodes.

Additional Fields

These fields are optional.

Connection Parameters

When Use stored credentials from the ServiceNow adapter is toggled Off, these fields are required:

ServiceNow domain - URL for the ServiceNow admin panel.
User name and Password - To connect to ServiceNow, you will need to create a user with action privileges.
Client ID and Client Secret - The OAuth Client ID and Client Secret for OAuth access to ServiceNow. Refer to OAuth 2.0 with Inbound REST for full details on how to obtain the OAuth Token.
Refresh Token - When using the OAuth method of authentication, enter the value of the Refresh Token issued by a ServiceNow instance.
Verify SSL - Select whether to verify the SSL certificate of the server against the CA database inside of Axonius. For more details, see SSL Trust & CA Settings.
HTTPS Proxy - Connect the adapter to a proxy instead of directly connecting it to the domain.

CMDB CI table name (default: cmdb_ci_computer) - Specify the table that the CI will be created in.

If supplied, Axonius creates the CI in the specified table.
If not supplied, Axonius creates the CI in cmdb_ci_computer table.

Create devices in Axonius - Select this option to generate a corresponding device in Axonius.

Additional fields - Specify additional fields to be added as part of the ServiceNow asset as key/value pairs in a JSON format. For example: {"field1": "value1", "field2": "value2"}.

If supplied, Axonius adds the specified fields and values to the created asset in ServiceNow. If one of the specified fields is invalid, the request might fail.
If not supplied, Axonius does not add any additional fields to the created asset in ServiceNow.
If you enter a field called 'Additional Fields', ServiceNow extracts any field in that dictionary and sends it as a request item instead of a mapped value. For example, if you enter the following:
{"additional_items": { "sys_object_source_info": { "source_name": "Axonius", "source_native_key": "123" } } }
then the sys_object_source info field is sent as a request item, and not a mapped field.

Split by field values - Select the adapter and the list field from that adapter to split into individual entities. This can be used to send a record per item in the list.

Do not map default Axonius fields - Select whether to map the set of default Axonius fields to the ServiceNow asset.

If enabled, default Axonius fields are not mapped to the ServiceNow asset.
If disabled, default Axonius fields are mapped to the ServiceNow asset. For details, see Default Field Mapping.

Map Axonius fields to ServiceNow fields - Use the Field Mapping Wizard to map Axonius fields to fields in ServiceNow. In this way you can transfer data found in Axonius into ServiceNow. The wizard shows you which fields exist on the Axonius system, allowing you to map them easily.

NOTE

For details, see Axonius to External Field Mapping.

Add last seen aggregated field details name if it was input in the previous mapping -

Click + to add values
In the Key field, enter the ServiceNow field
In the Value field, enter the name of a corresponding Axonius field for which you want to show extended details in the aggregated field in Axonius.

Use IdentifyReconcile API endpoint to create computer -

If supplied, the asset is created in ServiceNow via the Identification and Reconciliation (IdentifyReconcile) API. The supplied value will be used as the source for the new created asset.
- The Identification and Reconciliation (IdentifyReconcile) API uses the Identification and Reconciliation engine (IRE) to minimize creation of duplicate Configuration Items (CIs) and to reconcile CI attributes by only accepting information from authorized sources when updating the Configuration Management Database (CMDB).
- It is recommended to use ‘Axonius’ as the source value.
If not supplied, the asset is created in ServiceNow via the Table API, and the CMDB will be updated directly.
When using IRE, and VM data exists, then create additional VM meta data

Convert Preferred Total RAM (GB) to MB - Select to display the total RAM in Megabytes instead of in Gigabytes.

Use first IP address only - Select to add the first IP address to the ServiceNow asset.

If enabled, only the device's first IP address is added to the ServiceNow asset.
If disabled, all the device's IP addresses are added to the ServiceNow asset.

IP addresses delimiter (default: /) - Specify the delimiter to separate between multiple IP addresses added to the ServiceNow asset.

If supplied, the specified delimiter is used to separate between multiple IP addresses added to the ServiceNow asset.
If not supplied, the default delimiter is used to separate between multiple IP addresses added to the ServiceNow asset.

Use first MAC address only (default: True) - Select whether the first MAC address to be added to the ServiceNow asset.

If enabled, only the device's first MAC address will be added to the ServiceNow asset.
If disabled, all the device's MAC addresses will be added to the ServiceNow asset.

MAC addresses delimiter (default: /) - Specify the delimiter to separate between multiple MAC addresses added to the ServiceNow asset.

If supplied, the specified delimiter is used to separate between multiple MAC addresses added to the ServiceNow asset.
If not supplied, the default delimiter is used to separate between multiple MAC addresses added to the ServiceNow asset.

Use full URL for device creation - Select this option so that the entire URL entered in the 'ServiceNow Domain' field when you create this action is used to create the device. (When this is not selected, only the domain part of the URL is used to create the device, and the rest of the URL is calculated by the Action depending on the table name). This can be used for example, to insert devices using a custom API in ServiceNow.

Create ServiceNow asset even if device's asset entities include ServiceNow - Select whether to create a new ServiceNow asset even if one of the device's asset entities has been fetched from ServiceNow.

If enabled, an asset is created in ServiceNow even if one of the device's asset entities has been fetched from ServiceNow.
If disabled, an asset is not created in ServiceNow even if one of the device's asset entities has been fetched from ServiceNow.

CIDR exclude list - Specify a comma-separated list of CIDRs to be excluded.

If supplied, Axonius does not add to ServiceNow IP addresses in the IP range of the specified CIDRs.
If not supplied, Axonius adds to ServiceNow IP addresses in any IP range.

CIDR include list - Specify a comma-separated list of CIDRs to be included.

If supplied, Axonius only uses ServiceNow IP addresses in the IP range of the specified CIDRs.
If not supplied, Axonius adds to ServiceNow IP addresses in any IP range.

Additional fields to use by querying ServiceNow - This option allows you to specify an “external enrichment query“ (by specifying a ServiceNow table, and a mapping between Axonius fields to ServiceNow fields). You then specify mapping between the source table (the query results table) to the destination table (the table where the EC will create the asset in ServiceNow).

This ServiceNow query is performed for every device the EC is run for.
The result of the ServiceNow query is appended to the created asset (based on the mapping between the source table to the destination table).
Enter the required information in the following fields:
- Table Name - the source table for query data.
- Axonius to source table query mapping - Define the mapping between Axonius fields and the ServiceNow source table.
- Filter Operator - Select the filter operator in ServiceNow which will be used when querying the table:
  - Is one of - Checks whether the value in Axonius is contained within a list of values in the ServiceNow field.
  - Contains - Checks whether the value in Axonius is contained in the ServiceNow field value.
  - Is - Checks for complete equality between the Axonius field and the ServiceNow field.
- Axonius fields - Select the Axonius fields you want to use to enrich the ServiceNow table. The fields used to query the table (e.g., using the device IP address of the Axonius field to search the table to find an entry with that IP address).
Create Record with matching values if no existing values found - When an entity does not exist in the ServiceNow table, it will be created.
- When not selected, and an Axonius field is missing from the mapping (i.e.,a device doesn’t have this field), the query for that device is skipped. Only the first result from each query for each device is used (i.e., for a device, every query from ServiceNow will only have a single result).
Source table fields to Destination table fields mapping - Mapping from the ServiceNow source table to the destination table fields. Define the fields in a JSON formatted file, as follows:
```
{“source_table_field“: “dest_table_field“, “source_table_field_2“: “dest_table_field_2“}
```
Reference fields from the source table will be mapped to the destination table using their “display_value“.

Create ServiceNow asset for each installed software - Select whether to create a new ServiceNow asset for each of the devices' installed software.

If enabled, an asset will be created in ServiceNow also for each of the devices' installed software.
If disabled, an asset will be created in ServiceNow only for the device.

Assure uniqueness of created software assets - When both this option and Create ServiceNow asset for each installed software are selected, a new software asset will not be created in ServiceNow if the asset exists in ServiceNow and was previously fetched from any adapter connection. This prevents the duplication of software assets.

Number of parallel requests - The maximum number of requests that can be sent to ServiceNow simultaneously. If the total number of requests is lower than the limit, only the total request count is sent.

Perform bulk insert (insertMultiple) - When selected, the assets created by the action are inserted to ServiceNow in bulk.

NOTE

* This option cannot be used with “Use full URL for device creation“ or “Use IdentifyReconcile API endpoint to create computer“ options.
* When using this option, the table name configured in “CMDB CI table name“ must extend sys_import_set_row.

Exclude connections - If enabled, the selected connections are not used to query assets.

Default Field Mapping

When the Create ServiceNow Asset action creates an asset in ServiceNow for each of the query results entities, the asset in ServiceNow is created with a set of attributes populated based on the following mapping:

Axonius Device Field	ServiceNow Attribute
Asset Name / Host Name	name
Device Manufacturer	manufacturer
Device Manufacturer Serial / BIOS Serial	serial_number
Network Interfaces: IPs	ip_address
Network Interfaces: MAC	mac_address
OS Type	os

Axonius Device Field

ServiceNow Attribute

Asset Name / Host Name

name

Device Manufacturer

manufacturer

Device Manufacturer Serial / BIOS Serial

serial_number

Network Interfaces: IPs

ip_address

Network Interfaces: MAC

mac_address

OS Type

ServiceNow - Create Assets

General Settings

Required Fields

Additional Fields

Connection Parameters

Default Field Mapping

Required Permissions

What's Next