ServiceNow ITSM 2.0.0
App Vendor: ServiceNow
App Category: Case/Ticket Management (ITSM)
Connector Version: 2.3.0
API Version: Quebec v2
About App
The ServiceNow ITSM app allows security teams to integrate with the ServiceNow ITSM enterprise application to gain extensive access to instances through a set of RESTful APIs. Using ITSM, security teams can restore services faster, identify root cause of issues and proactively prevent disruptions. It helps to accelerate change by automatic approvals while maintaining controls, and provide employees with intuitive self service portal.
The ServiceNow ITSM app in the Orchestrate application can perform the following actions:
Action Name | Description |
|---|---|
Checkout Item Order Request | This action checks out an item order request based on the specified parameters. |
Create Item Order Request | This action creates a catalog item order request based on the specified parameters. |
Checkout Catalog Item | This action checks out a catalog item based on the specified parameters. |
Order Catalog Item | This action orders a catalog item based on the specified parameters. |
List Catalog Items | This action retrieves a list of catalog items based on the specified parameters. |
Download Attachment | This action downloads the attached binary file with a specific system ID value. |
Upload File | This action uploads a multipart file attachment. |
Get Attachment Metadata | The action retrieves the metadata of multiple attachments using the system ID. |
Update Request Item Record (RITM) | This action updates the requested item record. |
Update Incident | This action updates an Incident. |
Get user roles | This action retrieves a list of user roles. |
Get change request record | This action retrieves the details of a change request record. |
Get a Requested Item Record (RITM) | This action retrieves the details of a requested item record. |
Create a request item | This action adds a request item. |
Create change request | This action creates a change request. |
Update table record | This action updates a record in the table. |
Search records from table | This action searches records from the table. |
Resolve incident records | This action resolves incident records. |
Get Users Details | This action retrieves the users details. |
Get Stats Of A Table | This action gets the statistics of a table. |
Get Detailed Information Of A Record | This action retrieves all the details about a record. |
Get Incident Details By Incident Number | This action retrieves the incident details by using an incident number. |
Delete Record From Table | This action deletes a record from a table. |
Create New Record In A Table | This action creates a record in a table in ServiceNow. |
Close Incident | This action closes an incident. |
Create A New Incident | This action creates an incident in the incident table. |
Execute Scripted API Action | This action executes a scripted API action. |
Configuration Parameters
The following configuration parameters are required for the ServiceNow ITSM app to communicate with the ServiceNow ITSM enterprise application. The parameters can be configured by creating instances in the app.
Parameter | Description | Field Type | Required / Optional | Comments |
|---|---|---|---|---|
Base URL | Enter the base URL for accessing ServiceNow ITSM. Example: "https://ven04212.service-now.com/api" | Text | Required | |
Username | Enter the username for ServiceNow. | Text | Required | |
Password | Enter the password for ServiceNow account. | Password | Required | |
Client ID | Enter the client ID. | Text | Optional | |
Client Secret ID | Enter the client secret ID to authorize communications with the application. | Password | Optional | |
Time-Based One-Time-Password Secret | Enter the secret password generated for MFA using the one time password. | Password | Optional |
Action: Close an Incident
This action closes an incident using the system ID of the incident along with notes for reference.
Action Input Parameters
Parameter | Description | Field Type | Required / Optional | Comments |
|---|---|---|---|---|
System ID | Enter the sys_ID to close the incident. Example: "dd530aad87cd741034308626cebb3523" | Text | Required | |
Work notes | Enter the work notes to close the incident. Example: "To be closed" | Text | Required |
Example Request
[
{
"sys_id": "dd530aad87cd741034308626cebb3523",
"work_notes": "To be closed"
}
]Action: Create a New Incident
This action creates a new incident in the incident table. The new incident is created with a short description, urgency, impact, and caller ID.
Action Input Parameters
Parameter | Description | Field Type | Required / Optional | Comments |
|---|---|---|---|---|
Short description | Enter a short description of the incident. Example: "Ransomware attack" | Text | Required | |
Urgency | Enter a choice for urgency. | Text | Required | Allowed values: 1, 2, or 3. |
Impact | Enter a choice for impact. | Text | Required | Allowed values: 1, 2, or 3. |
Add more information | Enter more information to add to the incident in form of key-value pairs. | Text | Optional | |
Caller ID | Enter the caller ID associated to the incident. Example: "System Administrator" | Text | Required |
Example Request
[
{
"impact": "1",
"urgency": "2",
"caller_id": "System Administrator",
"action_payload": {},
"short_description": "Ransomware attack"
}
]Action: Create a new record in a table
This action creates a new record in a table in ServiceNow.
Action Input Parameters
Parameter | Description | Field Type | Required / Optional | Comments |
|---|---|---|---|---|
Table name | Enter the table name. Example: "Incident" | Text | Required | |
Post parameters | Enter the parameters to be updated while creating the record in the form of key-value pairs. Example: {"impact": "2","urgency": "2","correlation_id": "28271","caller_id": "System Administrator","short_description": "sample incident title" } | Key Value | Required |
Example Request
[
{
"table_name": "incident",
"post_params": {
"impact": "2",
"urgency": "2",
"correlation_id": "28271",
"caller_id": "System Administrator",
"short_description": "sample incident title"
}
}
]Action: Delete a Record from Table
This action deletes a record from the specified table.
Action Input Parameters
Parameter | Description | Field Type | Required / Optional | Comments |
|---|---|---|---|---|
Table name | Enter the table name from which the record must be deleted. Example: "Incident" | Text | Required | |
System ID | Enter the System ID of the record in the table to be deleted. Example: "c222023a1ba4f0105e32a9f6b04bcbe3" | Text | Required |
Example Request
[
{
"sys_id": "c222023a1ba4f0105e32a9f6b04bcbe3",
"table_name": "incident"
}
]Action: Get Incident Details by Incident Number
This action gets the incident details using the incident number.
Action Input Parameters
Parameter | Description | Field Type | Required / Optional | Comments |
|---|---|---|---|---|
Incident number | Enter the incident number. Example: "INC0010002" | Text | Required |
Example Request
[
{
"incident_number": "INC0010002"
}
]Action: Get Detailed Information of a Record
This action retrieves all the details about a record.
Action Input Parameters
Parameter | Description | Field Type | Required / Optional | Comments |
|---|---|---|---|---|
Table name | Enter the table name. Example: "Incident" | Text | Required | |
System ID | Enter the system ID of the record that needs to be fetched. Example: "c222023a1ba4f0105e32a9f6b04bcbe3" | Text | Required | |
Query parameters | Enter the query parameters in the form of key-value pair to filter the results. | Key Value | Optional | Allowed keys:
|
Example Request
[
{
"sys_id": "c222023a1ba4f0105e32a9f6b04bcbe3",
"table_name": "incident",
}
]Action: Get Statistics of a Table
This action retrieves the statistics of a table.
Action Input Parameters
Parameter | Description | Field Type | Required / Optional | Comments |
|---|---|---|---|---|
Table name | Enter the table name. Example: "cmdb_ci_lb_a10" | Text | Required | |
Query parameters | Enter the query parameters in the form of key-value pairs. | Key Value | Optional | Default value: "sysparm_avg_fields": {"reassignment_count", "business_stc"} |
Example Request
[
{
"table_name": "cmdb_ci_lb_a10",
"query_params":
{
"sysparm_avg_fields": "reassignment_count"
}
}
]Action: Get User Details
This action retrieves the user details.
Action Input Parameters
Parameter | Description | Field Type | Required / Optional | Comments |
|---|---|---|---|---|
Query parameters | Enter the query parameters in the form of key-value pairs to retrieve the user details. | Key Value | Optional | |
Maximum users | Enter the maximum number of users to be returned. Example: "10" | Integer | Optional | Default value: 1 |
Table name | Enter the table name. Example: "Incident" | Text | Required |
Example Request
[
{
"limit_number_of_users":“10”,
"table_name":"Incident"
}
]Action: Resolve Incident Records
This action resolves incident records using the system ID and a close code to reflect the resolved state.
Action Input Parameters
Parameter | Description | Field Type | Required / Optional | Comments |
|---|---|---|---|---|
System ID | Enter the System ID. Example: "Sample System ID" | Text | Required | |
Work Notes | Enter the work notes. Example: "work" | Text | Required | |
Close Code | Enter the close code. | Text | Required | Allowed values:
|
Closing Notes | Enter the closing notes. Example: "closing" | Text | Required |
Example Request
[
{
"sys_id": "4f22867edbecb0102c7c9506f396197d",
"close_code": "Solved (Work Around)",
"work_notes": "work",
"close_notes": "closing"
}
]Action: Search Records from Table
This action searches for records from the table.
Action Input Parameters
Parameter | Description | Field Type | Required / Optional | Comments |
|---|---|---|---|---|
Table name | Enter the table name. Example: "Incident" | Text | Required | |
Number of records to retrieve | Enter the number of records to retrieve from table as an input. Example: "5" | Integer | Optional | Default value: "1" |
Query parameters | Enter query parameters in the form of key-value pairs to filter the results. | Key Value | Optional | Allowed keys:
|
Example Request
[
{
"table_name":"Incident",
"retrieve_no_of_records":“5”,
}
]Action: Update Table Record
This action updates a record of a table.
Action Input Parameters
Parameter | Description | Field Type | Required / Optional | Comments |
|---|---|---|---|---|
Table name | Enter the table name. Example: "Incident" | Text | Required | |
System ID | Enter the System ID. Example: "aae552a9db09f4502c7c9506f396193f" | Text | Required | |
Post parameters | Enter the post parameters in the form of key-value pairs. | Key Value | Optional |
Example Request
[
{
"sys_id": "aae552a9db09f4502c7c9506f396193f",
"table_name": "incident",
"post_params": {
"urgency": "1"
}
}
]Action: Create Change Request
This action creates a change request.
Action Input Parameters
Parameter | Description | Field Type | Required / Optional | Comments |
|---|---|---|---|---|
Request type | Enter the request type. | Text | Required | Allowed values:
|
Category of change request | Enter the category of the change request. Example: "inquiry" | Text | Required | |
Impact of change request | Enter the impact value of the change request. | Text | Required | Allowed values:
|
Configuration item | Enter the system ID of configuration item. Example: "8d538ead87cd741034308626cebb3500" | Text | Required | |
Group assignment | Enter the system ID of the group to assign the request. Example: "8d538ead87cd741034308626cebb3500" | Text | Optional | |
Start date | Enter a start date in "Year-Month-Day Hours:Minutes:Seconds" format. Example: "2015-10-20 23:59:59" | Text | Optional | |
End date | Enter an end date in "Year-Month-Day Hours:Minutes:Seconds" format. Example: "2015-10-20 23:59:59" | Text | Optional | |
Short description | Enter a short description for the change request. Example: "Can't access SFA software" | Text | Optional | |
Description | Enter a description for the change request. Example: "update firmware" | Text | Optional | |
Work notes | Enter work notes. Example: "update firmware" | Text | Optional | |
More Information | Enter more information in the record in the form of key-value pairs. | Key Value | Optional |
Example Request
[
{
“request_type”: “normal”,
“category“: “inquiry”,
“impact“: “2“,
“configuration_item“: “8d538ead87cd741034308626cebb3500“,
“assigned_group“: “8d538ead87cd741034308626cebb3500“,
“start_date“: “2015-10-20 23:59:59“,
“end_date“: “2015-10-20 23:59:59“,
“short_description“: “Can't access SFA software“,
“description“: “update firmware“,
“work_note“: “update firmware“,
“action_payload“:
{
"quantity": 10
}
}
]Action: Create a Request Item
This action adds a request item.
Action Input Parameters
Parameter | Description | Field Type | Required / Optional | Comments |
|---|---|---|---|---|
Request item information | Enter information to add into the request item in form of key-value pairs. | Key Value | Optional | |
Table name | Enter the table name. Example: "incident" | Text | Required |
Example Request
[
{
"action_payload":{
"quantity":10
},
"table_name":"incident"
}
]Action: Get a Requested Item Record (RITM)
This action retrieves the details of a requested item record.
Action Input Parameters
Parameter | Description | Field Type | Required / Optional | Comments |
|---|---|---|---|---|
System ID of Record | Enter the System ID of the record to get details. Example: "0553ce2ddbc5f4502c7c9506f39619bb" | Text | Required |
|
Table Name | Enter the table name. Example: "incident" | Text | Required |
|
Filters | Enter the filters in key-value pairs to filter the result. Example: {'sysparm_display_value':'all'} | Key Value | Optional | Allowed keys:
|
Example Request
[
{
"record_sys_id":"0553ce2ddbc5f4502c7c9506f39619bb",
"table_name":"incident",
"filters": {'sysparm_display_value':'all'}
}
]Action: Get Change Request Record
This action retrieves the details of a change request record.
Action Input Parameters
Parameter | Description | Field Type | Required / Optional | Comments |
|---|---|---|---|---|
Request type | Enter the request type a record was created with. | Text | Required | Allowed values:
|
Change request System ID | Enter the System ID of the change request. Example: "8d538ead87cd741034308626cebb3500" | Text | Required |
Example Request
[
{
"request_type":"emergency",
"request_sys_id":"8d538ead87cd741034308626cebb3500"
}
]Action: Get User Roles
This action gets a list of user roles.
Action Input Parameters
Parameter | Description | Field Type | Required / Optional | Comments |
|---|---|---|---|---|
User System ID | Enter the System ID of the user for which the role information needs to be fetched. Example: "005d500b536073005e0addeeff7b12f4" | Text | Required |
Example Request
[
{
"user_sysid":"005d500b536073005e0addeeff7b12f4"
}
]Action: Update an Incident
This action updates an incident.
Action Input Parameters
Parameter | Description | Field Type | Required / Optional | Comments |
|---|---|---|---|---|
System ID | Enter the System ID of the Incident to be updated. Example: "dd530aad87cd741034308626cebb3523" | Text | Required | |
Additional parameters | Enter the additional parameters to update in the Incident in the form of key value pairs. Example: " {"urgency": "1"} " | Key Value | Required |
Example Request
[
{
"sys_id":"dd530aad87cd741034308626cebb3523",
"post_params":
{
"urgency":"1"
}
}
]Action: Update Request Item Record
This action updates the requested item record.
Action Input Parameters
Parameter | Description | Field Type | Required / Optional | Comments |
|---|---|---|---|---|
System ID of item record | Enter the System ID of the requested item record. Example: "dd530aad87cd741034308626cebb3523" | Text | Required | |
Information to update | Enter the field values to add/update in a record in the form of key-value pairs. Example: "{"quantity": "10"}" | Key Value | Optional |
Example Request
[
{
"ritm_sys_id":"dd530aad87cd741034308626cebb3523",
"action_payload":{
"quantity":"10"
}
}
]Action: Get an Attachment
The action gets the metadata for multiple attachments.
Action Input Parameters
Parameter | Description | Field Type | Required / Optional | Comments |
|---|---|---|---|---|
Table system ID | Enter the System ID of the record on the specified table to which you want to attach the file. Example: "dd530aad87cd741034308626cebb3523" | Text | Required |
Example Request
[
{
"table_sys_id":"dd530aad87cd741034308626cebb3523"
}
]Action: Upload a File
This action uploads a multi-part file attachment.
Action Input Parameters
Parameter | Description | Field Type | Required / Optional | Comments |
|---|---|---|---|---|
Table name | Enter the table name to which you want to attach the file. Example: "incident" | Text | Required | |
Table system ID | Enter the system ID of the record on the specified table to which you want to attach the file. Example: "dd530aad87cd741034308626cebb3523" | Text | Required | |
File path | Enter the file path. Example: "/system/anna/statusReport" | Text | Required |
Example Request
[
{
"table_name":"incident",
"table_sys_id":"dd530aad87cd741034308626cebb3523",
"file_path":"/system/anna/statusReport"
}
]Action: Download an Attachment
This action gets the binary file attachment with a specific system ID value.
Action Input Parameters
Parameter | Description | Field Type | Required / Optional | Comments |
|---|---|---|---|---|
System ID | Enter the System ID of the attachment. Example: "c3538ead87cd741034308626cebb3584" | Text | Required |
Example Request
[
{
"sys_id": "c3538ead87cd741034308626cebb3584"
}
]Action: Checkout Item Order Request
This action is used to checkout an item order request based on the specified parameters.
Action Input Parameters
Parameter | Description | Field Type | Required/Optional | Comments |
|---|---|---|---|---|
System ID | Enter the System ID of the attachment. This value can be retrieved from the List Catalog Items action. Example: "1f27d9a5db131010a3c28a18489619b6" | Text | Required |
Example Request
[
{
"sys_id": "1f27d9a5db131010a3c28a18489619b6"
}
]Action: Create Item Order Request
This action creates a catalog item order request based on the specified parameters.
Action Input Parameters
Parameter | Description | Field Type | Required/Optional | Comments |
|---|---|---|---|---|
System ID | Enter the System ID of the attachment. This value can be retrieved from the List Catalog Items action. Example: "1f27d9a5db131010a3c28a18489619b6" | Text | Required | |
Quantity | Enter the quantity of the item. This cannot be a negative number. Example: "2" | Text | Required | |
Additional Parameters | Enter additional parameters as key value pairs to create an item order request. | Key Value | Optional |
Example Request
[
{
"sys_id": "1f27d9a5db131010a3c28a18489619b6",
"sysparm_quantity": "2"
}
]Action: Checkout Catalog Item
This action is used to checkout a catalog item based on the System ID.
Action Input Parameters
Parameter | Description | Field Type | Required/Optional | Comments |
|---|---|---|---|---|
System ID | Enter the System ID of the catalog item to checkout. This value can be retrieved from the List Catalog Items action. Example: "1f27d9a5db131010a3c28a18489619b6" | Text | Required |
Example Request
[
{
"sys_id": "1f27d9a5db131010a3c28a18489619b6"
}
]Action: Order Catalog Item
This action orders a catalog item based on the specified parameters.
Action Input Parameters
Parameter | Description | Field Type | Required/Optional | Comments |
|---|---|---|---|---|
System ID | Enter the System ID of the attachment. This value can be retrieved from the List Catalog Items action. Example: "1f27d9a5db131010a3c28a18489619b6" | Text | Required | |
Quantity | Enter the quantity of the catalog item to order. This cannot be a negative number. Example: "5" | Text | Required | |
Additional Parameters | Enter additional parameters as key value pairs to order catalog items. | Key Value | Optional |
Example Request
[
{
"sys_id": "1f27d9a5db131010a3c28a18489619b6",
"sysparm_quantity": "5"
}
]Action: List Catalog Items
This action retrieves a list of catalog items based on the specified parameters.
Action Input Parameters
Parameter | Description | Field Type | Required/Optional | Comments |
|---|---|---|---|---|
Additional Parameters | Enter additional parameters as key value pairs to list catalog items. Example: "{"sysparm_category": "d68eb4d637b1300054b6a3549dbe5db2", }" | Key Value | Optional | Allowed values:
|
Number of Records | Enter the maximum number of records to return. If the requests exceed this number of records, use the parameter sysparm_offset to paginate record retrieval. Example: "1000" | Integer | Optional | Default value: 1000 |
Offest Number | Enter the starting record index to begin retrieving records. Use this value to paginate record retrieval. This helps in retrieval of all records, regardless of the number of records, in small manageable chunks. Example: "0" | Integer | Optional | Default value: 0 |
Example Request
[
{
"query_params": {
"sysparm_category": "d68eb4d637b1300054b6a3549dbe5db2",
}
"sysparm_limit": 1000,
"sysparm_offset": 0
}
]Action: Execute Scripted API Action
This action executes a scripted API action.
Action Input Parameters
Parameter | Description | Field Type | Required/Optional | Comments |
HTTP Method | Enter the HTTP method to be used. Example:
| Text | Required | |
Resource Path | Enter the resource path for the Scripted API. Example: "/cyl/soar/incident" | Text | Required | |
Query Parameters | Enter the query parameters for the API request as key-value pairs. Example: "active=true" | Key Value | Optional | |
Request Body | Enter the JSON body of the API request as key-value pairs. Example: {"subcategory": "vulnerability", "description": "This is for vulnerability"} | Key Value | Optional |
Example Request
[
{
"http_method":"GET",
"resource_path":"/cyl/soar/incident",
"query_params":"active=true",
"request_body":{
"subcategory":"vulnerability",
"description":"This is for vulnerability"
}
}
]