cancel
Showing results for 
Search instead for 
Did you mean: 
miscavj
Level 8

ServiceNow Integration

Jump to solution

I have seen mention of configuring the ESM Alarms to run the "Execute Remote Command" action with Python to create a ServiceNow ticket. Is there a more integrated way to just send to create tickets in ServiceNow? I.E.; an APIs to more seamlessly integrate with the ServiceNow ticketing service, or a way for tickets to be created via Email?

0 Kudos
1 Solution

Accepted Solutions
McAfee Employee

Re: ServiceNow Integration

Jump to solution

Yes! My python script has been superseded by an official integration. There are two parts. The first works similar to the original script.

The Email Parser allows a SNOW incident to be created based on activity in ESM.

The second part is the Sightings Search which queries the ESM for additional data to augment the ticket.

0 Kudos
3 Replies
nksecurity
Level 7

Re: ServiceNow Integration

Jump to solution

Service Now has built an email parser which is included in their Jakarta Release.

Intel McAfee ESM - Email Parser integration

They also have incident enrichment via Sightings Search - this allows you to search the ESM for more information around a particular incident.

If IOT data is provided, it can be shared with the SN Trusted Circle. 

Intel McAfee ESM - Incident Enrichment Integration

Hope this helps.

miscavj
Level 8

Re: ServiceNow Integration

Jump to solution

Thank you!

0 Kudos
McAfee Employee

Re: ServiceNow Integration

Jump to solution

Yes! My python script has been superseded by an official integration. There are two parts. The first works similar to the original script.

The Email Parser allows a SNOW incident to be created based on activity in ESM.

The second part is the Sightings Search which queries the ESM for additional data to augment the ticket.

0 Kudos