Sections in this category

ServiceNow

  • Updated

Setup

The JupiterOne ServiceNow integration is configured using your target ServiceNow implementation's hostname, such as my-company.service-now.com.

The integration authenticates using Basic auth with username and password for a read-only account. Whenever possible, we recommend creating a new user in your ServiceNow implementation to be used strictly for authenticating with this integration.

In ServiceNow

In order to allow JupiterOne to fetch data from your ServiceNow account, we recommend creating a new ServiceNow role with read-only access to your account and assigning that read-only role to a dedicated ServiceNow user.

  1. Follow the ServiceNow documentation to create a new ServiceNow role called jupiterone_reader.

  2. For each of the ServiceNow tables used in the JupiterOne <-> ServiceNow integration, create a new access control rule (ACL) to allow access to the jupiterone_reader role with Type: Record, Operation: Read, and Role: jupiterone_reader. This should be enabled for the following tables (found in the Name field):

  • sys_user
  • sys_user_group
  • sys_user_grmember
  • incident
  1. Create a new ServiceNow User called JupiterOne. Make a note of the new username/password; you'll need it when configuring your integration in JupiterOne.

  2. Open the JupiterOne user and assign the jupiterone_reader role to your newly created user.

  3. (OPTIONAL) For JupiterOne users who wish to create ServiceNow incidents based on JupiterOne alert rules, we suggest creating a jupiterone_incident_creator role. Repeat steps 1, 2, and 4 above with the following parameters:

    1. ServiceNow Role: name: jupiterone_incident_creator

    2. Access Control Rule (ACL) : Type:Record , Operation:Create , Name(table):incident , Role:jupiterone_incident_creator

    4. Role Assignment: Assign jupiterone_incident_creator role to JupiterOne user

Data Model

Entities

The following entities are created:

Resources Entity _type Entity _class
Account service_now_account Account
Incident service_now_incident Incident
User service_now_user User
User Group service_now_group UserGroup

Relationships

The following relationships are created/mapped:

Source Entity _type Relationship _class Target Entity _type
service_now_account HAS service_now_group
service_now_account HAS service_now_user
service_now_group HAS service_now_group
service_now_group HAS service_now_user
service_now_incident ASSIGNED service_now_user

🔝

Was this article helpful?

0 out of 1 found this helpful