Skip to content

Nr 421775 servicenow integration #20877

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Draft
wants to merge 9 commits into
base: develop
Choose a base branch
from
Draft

Nr 421775 servicenow integration #20877

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
9 commits
Select commit Hold shift + click to select a range
e380ade
wip
cbehera-newrelic Jun 10, 2025
7b9c302
wip
cbehera-newrelic Jun 10, 2025
1145384
wip
cbehera-newrelic Jun 10, 2025
7250875
wip
cbehera-newrelic Jun 10, 2025
d15b650
Review comments are fixed
cbehera-newrelic Jun 13, 2025
1921799
minor edits
cbehera-newrelic Jun 13, 2025
759b4e7
fix merge conflicts
cbehera-newrelic Jun 19, 2025
413e283
fix
cbehera-newrelic Jun 19, 2025
b5a9860
wip
cbehera-newrelic Jun 23, 2025
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
207 changes: 207 additions & 0 deletions src/content/docs/service-architecture-intelligence/servicenow-integration-doc.mdx
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,207 @@
---
title: Service Architecture Intelligence with Servicenow integration
tags:
- New Relic integrations
- Servicenow integration
metaDescription: Set up automatic ingestion of your GitHub Dependabot events by using webhook for ongoing ingestion.
freshnessValidatedDate: never
---

<Callout title="PREVIEW">

We're still working on this feature, but we'd love for you to try it out!

This feature is currently provided as part of a preview program pursuant to our [pre-release policies](/docs/licenses/license-information/referenced-policies/new-relic-pre-release-policy).
</Callout>


Are you aiming to enhance your understanding of service architecture by utilizing data from your ServiceNow account? The New Relic ServiceNow integration seamlessly imports user, team, and role data directly into the New Relic platform.

This integration streamlines the onboarding process for users and teams, simplifies role management, and clarifies entity ownership mapping, reducing the setup configuration, time, and effort. This integration aims to enhance the management and visibility of [Catalogs](/docs/service-architecture-intelligence/catalogs/catalogs) and [Scorecards](/docs/service-architecture-intelligence/scorecards/getting-started) within New Relic. For more information, refer [Service Architecture Intelligence capability](/docs/service-architecture-intelligence/getting-started).


**Prerequisites:**

* Admin access to ServiceNow instance.
* Ensure you have the necessary permissions to create properties, users, roles, ACLs, and scripts.


**To set up the Servicenow integration:**

On the ServiceNow instance, you need to create a system property to enable the integration. This property allows New Relic to access the ServiceNow instance and retrieve the necessary data.

On the ServiceNow instance, do the following steps to set up the integration:

1. **Create Properties in ServiceNow.**

1. Navigate to `sys_properties.list` using the filter.

2. Click **New**, provide a name (e.g., **glide.oauth.inbound.client.credential.grant_type.enabled**), set the type to **True/False**, and set the value to `True`, and submit the property.

2. **Create Service user.**

1. Navigate to `sys_user.list` using the filter.

2. Navigate to `sys_user.list`, click **New**, set the user name (e.g., New Relic Service User),

3. Ensure that the user is active, enable Web **Service Access Only**, and submit the user.

3. **Create Roles.**
1. Navigate to `sys_user_role.list` using the filter.

2. Click **New**, set the role name (e.g., New Relic Service Role), and submit the role.

4. **Create Access Control List (ACL).**

1. Navigate to `sys_security_acl.list` using the filter.

2. Click **New**, set the name (e.g., New Relic Service ACL), and select the type as **record**.

3. Set the operation to **read** and select the table as `sys_user_role`.

4. In the **Requires role** field, select the role created in step 3.
5. Create similar ACL role for `sys_user_grmember` and repeat the steps.

6. Submit the ACL.

5. **Assign Role to service user.**

1. Navigate to the service user created in the `sys_user.list`.

2. Edit the user roles to add the role created earlier.

3. Save the changes to ensure the service user has the necessary permissions.

6. **Configure application registry.**

1. Navigate to `oauth_application_registry.list` using the filter.

2. Click **New**, select **Create an OAuth API endpoint for external clients**.

3. Set the name (e.g., **NR OAuth Client**), set **Default Grant Type** to **Client Credentials**, and set **OAuth Application User** to the service user created.

4. Submit the application registry to establish secure communication.

7. **Create signing Key property.**

1. Navigate to `sys_properties.list` using the filter.

2. Click **New**, set the type to **Password2**, set the name (e.g., **nr_signing_key_real_time_events**), and set the value to a unique **UUID**.

3. Submit the property to store the unique identifier securely.


9. **Create an HTTP method**

1. Navigate to `sys_rest_message.list` using the filter.
2. Click **New** to create a REST message and set the name and endpoint.
3. Submit the REST message.
4. Create an HTTP method by:
- Setting the authentication type to **No Authentication**.
- Specifying the endpoint.
- Setting the method to **POST**.
- Submitting the method.
10. **Automate Business Rule.**

1. Navigate to `sys_script.list` using the filter.

2. Click **New**, set the name, set **When to run** to **After**, and set **Insert, Update, Delete**.

3. Set the table to `sys_user_group`, paste the following script, replace the property name in the script if necessary, and submit the business rule.

```javascript
(function executeRule(current, previous /*null when async*/ ) {
try {
var signingKeyProp = gs.getProperty('nr_signing_key_real_time_events');

if (!signingKeyProp) {
gs.log('Error: cant get signing key from sys props');
}

var signingKey = GlideStringUtil.base64Encode(signingKeyProp);

if (!signingKey) {
gs.log('Error: base64 signing key is empty');
}

var payload = {};
var tableName;

for (var fieldName in current) {
if (current.getElement(fieldName) && typeof current[fieldName] !== 'function') {
payload[fieldName] = current.getValue(fieldName);
}
}

payload.instance_name = gs.getProperty('instance_name');
payload.event_type = '';
payload.event_timestamp = new Date().toISOString();

if (current.operation() == 'insert') {
tableName = current.getTableName();
payload.event_type = 'inserted';
} else if (current.operation() == 'update') {
tableName = current.getTableName();
payload.event_type = 'updated';
} else if (current.operation() == 'delete') {
tableName = previous.getTableName();
for (var fieldNamePrev in previous) {
if (previous.getElement(fieldNamePrev) && typeof previous[fieldNamePrev] !== 'function') {
payload[fieldNamePrev] = previous.getValue(fieldNamePrev);
}
}
payload.event_type = 'deleted';
}

var jsonPayload = JSON.stringify(payload);
var mac = new GlideCertificateEncryption;
var signingAlgo = 'HmacSHA256';

var signature = mac.generateMac(signingKey, signingAlgo, jsonPayload);

var r = new sn_ws.RESTMessageV2('nr_realtime_event_rest_message', 'post_nr_realtime_event_rest_message');
r.setRequestBody(jsonPayload);
r.setRequestHeader('Content-Type', 'application/json');
r.setRequestHeader('X-NR-Signature-Key', signature);
if (tableName) {
r.setRequestHeader('X-NR-Data-Type', tableName);
} else {
gs.log('Error: Table name could not be determined for X-NR-Data-Type header.');
}
var response = r.execute();
var httpStatus = response.getStatusCode();
var responseBody = response.getBody();

if (httpStatus >= 200 && httpStatus < 300) {
gs.log('success status : ' + httpStatus);
} else {
gs.log('failure status : ' + httpStatus + ' reason : ' + responseBody);
}
} catch (ex) {
gs.log('Error happend :'+ex.getMessage());
}

})(current, previous);

```

This script captures changes to the `sys_user_group` table and sends real-time events to New Relic, including the operation type (insert, update, delete) and the relevant data.

11. **Finalize Integration.**

1. Provide the Client ID and Client Secret from the application registry, the instance name (e.g., `google`), and the real-time signing key (UUID created).

2. Validate that teams and users data are being pulled correctly to ensure successful integration.

On the New relic platform, do the following steps to complete the set up integration:

1. Go to **[one.newrelic.com > + Integration & Agents > ServiceNow integration](https://one.newrelic.com/marketplace/install-data-source?state=9306060d-b674-b245-083e-ff8d42765e0d)**.
2. In the **Set up ServiceNow integration** screen, enter the following details:

- **Client ID**: The Client ID from the application registry.
- **Client Secret**: The Client Secret from the application registry.
- **ServiceNow instnce name**: The name of your ServiceNow instance (e.g., `google.servicenow.com`).
- **Real-time events signing key**: The UUID created in the ServiceNow instance.

3. Click **Continue** to establish the connection between New Relic and ServiceNow.

4 changes: 3 additions & 1 deletion src/nav/service-architecture-intelligence.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -30,4 +30,6 @@ pages:
- title: Dynamic Flow Map
path: /docs/service-architecture-intelligence/maps/dynamic-flow-map
- title: GitHub integration
path: /docs/service-architecture-intelligence/github-integration
path: /docs/service-architecture-intelligence/github-integration
- title: ServiceNow integration
path: /docs/service-architecture-intelligence/servicenow-integration-doc
Loading