Recently we have received a lot of requests for Enterprise Alert to not only alert on critical situations but to also take a proactive approach to initiate, record and track those situations through ITSM tools such as ServiceNow and BMC Remedy. This post will center around what happens when critical systems fail and tickets are not being created in ServiceNow due to a break in the workflow.
Tools such as SCOM, NNMi and Dynatrace are great at monitoring an infrastructure and its devices. Up/Down statuses are easily visible from their dashboards. Certain business rules may require the tools to create ServiceNow tickets for those events that are deemed critical. However, building this level of deep integration can be troublesome. This is where Enterprise Alert comes in. With the use of remote actions, we will show how critical incidents can not only be alerted on but also help with the business workflow of creating tickets within Service Now.
We will be simulating an alert that would be raised from SCOM, NNMi, or any other ITOM monitoring tool. The event details will then trigger an alert policy within Enterprise Alert. We usually see this workflow stop here. We are going to take this one step further and create a remote action that will pass through the event details and create a ticket in ServiceNow.
Let’s Get Started
First, we need to make sure that we have a solid connection with ServiceNow. You can find more details on how to configure Enterprise Alert to integrate with ServiceNow here: https://www.derdack.com/portfolio_item/servicenow-mobile-app-text-push-voice-duty-scheduling-escalations/
Once this connection is established we need to create a Remote Action. From the web portal navigate to Remote Actions and click Create New
On the General Tab populate the fields as shown in the screenshot below:
Under Actions select ServiceNow > Create Incident
Now we need to create a new policy or update an existing policy to use this new remote action. In this case we will edit an existing policy and map the fields required to be submitted to ServiceNow. From the existing policy select the Action tab and choose Create ServiceNow Incident from the drop down.
You will want this to Auto Run so put a check mark in that box. Click on the Edit Mapping link and populate the desired dynamic content to be submitted to ServiceNow.
Note: It may be best to create a new policy here and set the notification method to automatically close when an email is delivered. This will notify the team that a new ticket has been created and then an additional Alert Policy can be triggered from the newly created incident.
“Short Description”: “Broken Laptop”,
“Description”: “Needs Replacement”,
“Impact”: “1 – High”,
“Urgency”: “1 – High”,
“Assignment Group”: “Applications Team”,
“Caller”: “Abel Tuter”
Here is the first incoming event that triggered a policy kicking off the Remote Action.
Here is the resulting new Incent in ServiceNow.
Now Enterprise Alert has picked up this new Incident in ServiceNow and routed the alert to the appropriate team, Applications Team, using dynamic routing.
We hope this helped to showcase how Enterprise Alert can create tickets in ServiceNow adding a compliment to your business requirements of having major incidents raised and tracked through ServiceNow without the need to have a deep integration outside of EA.
How can we help you?
Do you need to optimize your alert policies to dynamically assign notification recipients? Let us know at firstname.lastname@example.org.