Come join our live training webinar every other Wednesday at 11am PST and hear LogicMonitor experts explain best practices and answer common questions. We understand these are uncertain times, and we are here to help!
Your LogicMonitor account comes ready to integrate alert messages with your ServiceNow account. The bidirectional integration enables LogicMonitor to open, update and close ServiceNow incidents based on LogicMonitor alerts. By sending alerts from LogicMonitor into ServiceNow, you can take advantage of ServiceNow’s alerting platform features to increase uptime of your apps, servers, websites, and databases. ServiceNow users can also acknowledge an alert directly from an incident in ServiceNow.
Note: This integration requires ServiceNow Enterprise. For a list of compatible ServiceNow versions, see product details for this integration at the ServiceNow store.
As discussed in the following sections, setup of this integration requires:
After the application is installed you will need to provide account details for ServiceNow to automatically acknowledge alerts:
*As discussed in API Tokens, API tokens for LogicMonitor’s REST API are created and managed from the User Access page in the LogicMonitor platform.
You can enable the ServiceNow Integration in your account from Settings | Integrations. Select Add and then ServiceNow:
Your ServiceNow subdomain. You can find this in your ServiceNow portal URL. For example, if your ServiceNow portal url is https://dev.service-now.com/, your subdomain would be dev.
The username associated with the ServiceNow account you’d like LogicMonitor to use to open, update and close ServiceNow incidents. Ensure that this user account is assigned the “LogicMonitor Integration” (x_lomo_lmint.LogicMonitor Integration) role, which was automatically added to your ServiceNow instance as part of the LogicMonitor application installation performed in step 1.
The password associated with the ServiceNow username you specified.
The ServiceNow Settings section enables you to configure how incidents are created in ServiceNow for LogicMonitor alerts.
The ServiceNow company that incidents will be created for.
Note: If you’d like to create, update and delete tickets across multiple ServiceNow companies, you can do that by setting the following property on the device whose alerts should trigger a new or change to existing ServiceNow incident:
When an alert is triggered and routed to the ServiceNow Integration, LogicMonitor will first check to see if this property exists for the device associated with the alert. If it does exist, its value will be used instead of the value set in the Integration form.
This field will determine how LogicMonitor sets the due date of the incidents in ServiceNow. Specifically, the ServiceNow incident due date will be set to the number of days you set this field to.
Indicate how the LogicMonitor alert severities should map to incidents created in your ServiceNow portal.
Note: This mapping determines severity level only for the ServiceNow incident. It does not play a role in determining the incident’s priority level.
Indicate how the LogicMonitor alert statuses should update the incidents created in your ServiceNow portal.
The HTTP Delivery section controls how LogicMonitor formats and sends the HTTP requests to create, update and/or close incidents. You shouldn’t need edit to anything in the HTTP Delivery section, but if you wish to customize something you can use the information in the following sections to guide you. If not, you can save the integration now and proceed to the Configuring Alert Rule and Escalation Chain section.
By default, LogicMonitor will pre-populate four different HTTP requests, one for each of:
For each request you can select which alert statuses should trigger the HTTP request. Requests will be sent for new alerts (status: Active), and can additionally be sent for alert acknowledgements (status: Acknowledged), clears (status: Cleared) and escalations/de-escalations (status: Escalated). Note that each alert status can only be associated with one request. Since LogicMonitor auto-populates a different request for each alert status by default, you’ll have to delete a request in order to see the option to include that alert status in a different request.
The HTTP method for ServiceNow integrations is restricted to POST and PUT.
The URL that the HTTP request should be made to. This field is auto-populated based on information you’ve provided.
The custom formatted alert data to be send in the HTTP request (used to create, update and close ServiceNow incidents). This field will be auto-populated for you. If desired, you can customize the alert data field using tokens.
This option sends a test alert and provides the response, enabling you to test whether you’ve configured the integration correctly.
The following tokens are available:
Alert rules and escalation chains are used to deliver alert data to your ServiceNow integration. When configuring these, there a few guidelines to follow to ensure tickets are opened, updated, and closed as expected within ServiceNow. These guidelines are discussed in Alert Integrations Overview.
Enable Acknowledge Field on Incident Forms (optional)
In addition to the base setup it is recommended to add the LogicMonitor Alert Acknowledge field to an Incident View. This check box will allow technicians to acknowledge LogicMonitor alerts from ServiceNow.
3. Drag “LogicMonitor Alert Acknowledge” to the appropriate section of your form.
Additional ServiceNow solutions can be found in our Communities and Blog Posts that demonstrate custom implementations using the LogicMonitor Marketplace application as a base.
In This Article