ServiceNow - Update Tickets

Article Summary

Share feedback

Thanks for sharing your feedback!

The Update ServiceNow Tickets action works on all assets supported by the ServiceNow-Create Incident tickets.
It updates tickets for:

Assets that match the results of the selected saved query, and match the Enforcement Action Dynamic Value statement, if defined, or assets selected on the relevant asset page.
- When the action is triggered on any asset category except Tickets (for example, Users), the enforcement action updates all tickets or the latest ticket linked to each user resulting from the selected query, according to your selection in the Select Which Related Tickets To Update dropdown (see below).
- When the action is triggered on asset=Tickets, the action runs on all tickets resulting from the selected query. (The Select Which Related Tickets To Update dropdown is not relevant.)

See Creating Enforcement Sets to learn more about adding Enforcement Actions to Enforcement Sets.

General Settings

Enforcement Set name (required) - The name of the Enforcement Set. A default value is added by Axonius. You can change the name according to your needs.
Add description - Click to add a description of the Enforcement Set. It is recommended to describe what the Enforcement Set does.
Run action on assets matching following query (required) - Select an asset category and a query. The Enforcement Action will be run on the assets that match the query parameters.
- A query only returns results for the asset type it was created for.
- Not all asset categories are supported for all Enforcement Actions.
  - See Actions supported for Activity Logs, Adapters Fetch History, and Asset Investigation modules.
  - See Actions supported for Vulnerabilities.
  - See Actions supported for Software.
Action name (required) - The name of the Main action. A default value is added by Axonius. You can change the name according to your needs.
Configure Dynamic Values - Toggle on to enter a Dynamic Value statement. See Creating Enforcement Action Dynamic Value Statements to learn more about Dynamic Value statement syntax.

Use stored credentials from ServiceNow adapter - Select this option to use the ServiceNow connected adapter credentials.
- When you select this option, the Select Adapter Connection dropdown is available, and you can choose the adapter connection to use for this Enforcement Action.

Note:

To use this option, you must successfully configure a ServiceNow adapter connection.

These fields must be configured to run the Enforcement Set.

Compute Node - The Axonius node to use when connecting to the specified host. For more details, see Connecting Additional Axonius Nodes.

These fields are optional.

When Use stored credentials from ServiceNow adapter is toggled Off, these fields are required:

ServiceNow Domain - The full URL of the ServiceNow server.
User Name and Password - The credentials for a user account that has the Required Permissions to fetch assets.
Client ID and Client Secret - The OAuth Client ID and Client Secret for OAuth access to ServiceNow. Refer to OAuth 2.0 with Inbound REST for full details on how to obtain the OAuth Token.
Refresh Token - When using the OAuth method of authentication, enter the value of the Refresh Token issued by a ServiceNow instance.
Verify SSL - Select whether to verify the SSL certificate of the server against the CA database inside of Axonius. For more details, see SSL Trust & CA Settings.
HTTPS Proxy - Connect the adapter to a proxy instead of directly connecting it to the domain.

Additional fields (json format) - Specify additional fields to be added as part of the incident as key/value pairs in a JSON format.
For example:
```
{"field1": "value1", "field2": "value2"}
```
If one of the specified fields is invalid, the request might fail.
Status of the Ticket - The status of the ticket at ServiceNow.
Ticket Assignee - The person assigned by ServiceNow to process the ticket.
Ticket Comments - Free text related to the ticket (by ServiceNow).
Select Which Related Tickets To Update - Relevant when this enforcement action runs on an asset category other than Tickets. Select one of the options or enter the ID of a specific ticket to update and click create new.
- All Related Tickets - Update all tickets linked to the main asset.
- Last Created Ticket - Update the latest ticket linked to the main asset.

For more details about other Enforcement Actions available, see Action Library.

Was this article helpful?

Table of contents