Ivanti Plugin for Ticket Orchestrator
Ivanti Plugin for Ticket Orchestrator
This document explains how to configure the CTO Ivanti plugin with the Ticket Orchestrator module of the Netskope Cloud Exchange platform. This plugin is used to create, update, sync incidents/tickets on the Ivanti Platform.
Prerequisites
- A Netskope tenant (or multiple, for example, production and development/test instances) that is already configured in Cloud Exchange.
- A Netskope Cloud Exchange tenant with the Ticket Orchestrator module already configured.
- Connectivity to Ivanti platform (https://<ivanti URL>)
CE Version Compatibility
Netskope CE v4.2.0, v5.0.1
Ivanti Plugin Support
Supported Alert types for incidents |
Anomaly, Compromised Credentials, policy, Legal Hold, malsite, Malware, DLP, Security Assessment, watchlist, quarantine, Remediation, UBA, CTEP |
Mappings
Queue Mapping
Target Fields(Ivanti API Fields) | Ivanti Fields (Ivanti Platform) |
---|---|
subject | Summary |
symptom | Description |
status | Status |
newnotes | Activity History |
Status Mapping
Netskope CE Status | Ivanti Status |
---|---|
New | Logged |
In Progress | Active |
On Hold | Waiting for Customer |
On Hold | Waiting for Resolution |
On Hold | Waiting for 3rd Party |
Other | Resolved |
Closed | Closed |
Other | Cancelled |
Permissions
These permissions are needed for the plugin:
Object Name | Permission |
---|---|
Attachment | Add, View, Edit, Delete |
CI | Add, View, Edit, Delete |
CI.CloudServiceAsset | Add, View, Edit, Delete |
CI.Computer | View, Edit |
CI.Service | Add, View, Edit, Delete |
Category | Add, View, Edit, Delete |
CurrencyCode | Add, View, Edit, Delete |
Employee | Add, View, Edit, Delete |
FRS_MyItem | Add, View, Edit, Delete |
FRS_MyItemParentObjType | Add, View, Edit, Delete |
FRS_MyItemStatus | Add, View, Edit, Delete |
Frs_CompositeContract_Email | Add, View, Edit, Delete |
Frs_data_escalation_watch | Add, View, Edit, Delete |
Frs_def_hours_of_operation | Add, View, Edit, Delete |
Impact | Add, View, Edit, Delete |
ImpactHRAnouncment | Add, View, Edit, Delete |
Incident | Add, View, Edit, Delete |
IncidentBreachReasonCo | Add, View, Edit, Delete |
IncidentBreachResponsibility | Add, View, Edit, Delete |
IncidentCauseCode | Add, View, Edit, Delete |
IncidentDetails | Add, View, Edit, Delete |
IncidentDetailAccountLo | Add, View, Edit, Delete |
IncidentDetail.Employee | Add, View, Edit, Delete |
IncidentDetail.WebsiteFai | Add, View, Edit, Delete |
IncidentDetail.ActionNeeded | Add, View, Edit, Delete |
IncidentPriority | Add, View, Edit, Delete |
IncidentSource | Add, View, Edit, Delete |
IncidentStatus | Add, View, Edit, Delete |
IncidentType | Add, View, Edit, Delete |
Journal | Add, View, Edit, Delete |
Journal.Email | Add, View, Edit, Delete |
JournalEmailCategory | Add, View, Edit, Delete |
JournalNoteCategory | Add, View, Edit, Delete |
JournalNoteSource | Add, View, Edit, Delete |
JournalType | Add, View, Edit, Delete |
Location | Add, View, Edit, Delete |
OrganizationUnit | Add, View, Edit, Delete |
Profile | Add, View, Edit, Delete |
Profile.BusinessUnit | Add, View, Edit, Delete |
ProfileEmployeeStatus | Add, View, Edit, Delete |
ServiceAggrement | Add, View, Edit, Delete |
StandarduserTeam | Add, View, Edit, Delete |
task | Add, View, Edit, Delete |
Urgency | Add, View, Edit, Delete |
Note
The permission mentioned here is for the default mapping, the permission for business objects may vary if the fields were changed or custom fields are added.
API Details
List of APIs used
Use Case | Method | Endpoint |
---|---|---|
Get auth token | POST | api/rest/authentication/login |
Get fields for mapping | GET | /api/odata/incidents/$metadata |
Create incidents on Ivanti | POST | /api/odata/businessobject/incidents |
Update incidents | PATCH | /api/odata/businessobject/incidents(<IIncident Record ID’) |
Sync State | GET | /api/odata/businessobject/incidents |
Get Auth token
API Endpoint: api/rest/authentication/login
Method: POST
Headers:
Key | Value |
---|---|
User-Agent | netskope-ce-5.0.1-cto-ivanti-v1.0.0 |
Accept | application/json |
Content-Type | application/json |
Parameters:
Key | Value |
---|---|
tenant | Tenant domain, netskope.try.com |
username | <Username> |
password | <Password> |
role | <Internal Role> |
Sample API Response:
"netskope-try.trysaasit.com#2RGH742EKKELQ7LA1BDQUGBUTOEAG9G1#2"
Validate Employee Record ID
API Endpoint: /api/odata/businessobject/employees(‘Employee Record ID’)
Method: GET
Headers:
Key | Value |
---|---|
User-Agent | netskope-ce-5.0.1-cto-ivanti-v1.0.0 |
Accept | application/json |
Content-Type | application/json |
Sample API Response:
{ "@odata.context": "https://netskope-try.trysaasit.com/api/odata/$metadata#employees/$entity", "InitialNotReadyReasonValue_Valid": null, "InitialNotReadyReasonValue": null, "Address1": null, "Address1City": null, "Address1Country": null, "Address1State": null, "Address1Zip": null, "Birthdate": null, "BusinessUnit": null, "BusinessUnitID": null, "ContactId": "e9c4fd8f-6fe1-ee11-b717-000d3a19b96f", "CostCentre": null, "CreatedBy": "Admin", "CreatedDateTime": "2024-03-13T19:26:17.76Z", "CreationMethod_Valid": null, "CreationMethod": null, "Department_Valid": null, "Department": null, "DepartmentCode": null, "Department_Sync": null, "Disabled": false, "DisplayName": "Gary Jenkins", "EmployeeInformation": null, "EmployeeLocation_Valid": null, "EmployeeLocation": null, "EmployeePhoto": "", "EmployeePhotoName": null, "EmployeePhotoRevision": 10, "EnableIPCMIntegration": false, "FirstName": "Gary", "Floor": null, "HiredDate": null, "IPCM_AgentGroup_Valid": null, "IPCM_AgentGroup": null, "IPCM_Audited_Valid": "CCAF93D28E8F46BBB2BB83C8B893A9D1", "IPCM_Audited": "Group Defined", "IPCM_Description": null, "IPCM_EnableIPCMUser": false, "IPCM_InitialAgentStatus_Valid": "B095CE75D44545AFA9A4A5439FA001C7", "IPCM_InitialAgentStatus": "Group Defined", "IPCM_InitialNotReadyReason_Valid": "CB9517EAD27A4A81BFB6618221DED1EB", "IPCM_InitialNotReadyReason": "Group Defined", "IPCM_NotReadyRequired_Valid": "EEA8091CF845481FA82E79303D9AB87D", "IPCM_NotReadyRequired": "Group Defined", "IPCM_OverrideDN": null, "IPCM_RecordingPct": null, "IPCM_SearchableByName": false, "IPCM_UILanguage_Valid": null, "IPCM_UILanguage": null, "IPCM_VOIPLink_Category": null, "IPCM_VOIPLink_RecID": null, "IPCM_VOIPLink": null, "IPCM_VoiceAgent": false, "IPCM_VoiceSupervisor": false, "IPCM_WrapupSeconds": 0, "IPCM_WrapupTimeout_Valid": "2324B2F832D541A08D7B35942120B59E", "IPCM_WrapupTimeout": "Group Defined", "IVRPinCode": null, "IdentityId": "eac4fd8f-6fe1-ee11-b717-000d3a19b96f", "InternalAuthPasswd": "", "InternalPwdDateTime": "2024-03-13T19:26:17.76Z", "IsAutoProvisioned": false, "IsExternalAuth": false, "IsInternalAuth": true, "IsNamedUser": false, "LastExternalLoginId": null, "LastModBy": "Admin", "LastModDateTime": "2024-04-08T08:36:56Z", "LastName": "Jenkins", "LoginID": "gjenkins@netskope.com", "ManagerEmail": null, "ManagerLink_Category": null, "ManagerLink_RecID": null, "ManagerLink": null, "MiddleName": null, "NetworkUserName": "gjenkins@netskope.com", "NotificationLink_Category": null, "NotificationLink_RecID": null, "NotificationLink": null, "OrgUnitLink_Category": "OrganizationalUnit", "OrgUnitLink_RecID": "978ABB09369944C1991468FC458F488E", "OrgUnitLink": "978ABB09369944C1991468FC458F488E", "EntityLink_Category": "OrganizationalUnit", "EntityLink_RecID": "978ABB09369944C1991468FC458F488E", "EntityLink": "978ABB09369944C1991468FC458F488E", "OrganizationalUnit": "Default", "Owner_Valid": "FB884D18F7B746A0992880F2DFFE749C", "Owner": "Admin", "ParentLink_Category": null, "ParentLink_RecID": null, "ParentLink": null, "PasswordExpiration": true, "PrimaryPhone": null, "Phone1": null, "Phone2": null, "Prefix_Valid": null, "Prefix": null, "PrimaryEmail": "gjenkins@netskope.com", "ProfileID": null, "ReadOnly": false, "RecId": "F7177FFB09B44D159B1ADE379A5D1BC7", "RegionLink_Category": null, "RegionLink_RecID": null, "RegionLink": null, "Room": null, "Status_Valid": "427831F3A1234345A495A1F144C15158", "Status": "Active", "Suffix_Valid": null, "Suffix": null, "Supervisor": null, "Team_Valid": "2E4BABD54FB9420D94F836F0D9B80C47", "Team": "Service Desk", "TeamEmail": "change@example.com", "TeamManagerEmail": "change@example.com", "TempInternalAuthPassword": "", "TempPwdDatetime": null, "TerminatedDate": null, "Title_Valid": null, "Title": null, "Title_Sync": null, "VIP": false, "ReportedByLink_Category": null, "ReportedByLink_RecID": null, "ReportedByLink": null, "LocationLink_Category": null, "LocationLink_RecID": null, "LocationLink": null, "DefaultChargingAccount_Valid": null, "DefaultChargingAccount": null, "DN": null, "Language_Valid": null, "Language": null, "RemoteControlUID": null, "RemoteControlPwd": null, "Address1Line2": null, "NamedLicenseBundle_Valid": null, "NamedLicenseBundle": null, "CreationSource": null, "LockDate": null, "LoginAttemptCount": 0, "CustID": null, "SLAClass_Valid": null, "SLAClass": null, "LockType": "", "Phone1Ext": null, "Phone2Ext": null, "WeeklyAvailability": null, "GlobalId": null, "LoginId_Name": null, "ivnt_Director": null, "ivnt_CurrencyText": null, "ivnt_Country": null, "ivnt_HRCaseLink_Category": null, "ivnt_HRCaseLink_RecID": null, "ivnt_HRCaseLink": null, "Emp_LoginId": null, "ivnt_WorkOrderlink_Category": null, "ivnt_WorkOrderlink_RecID": null, "ivnt_WorkOrderlink": null, "ivnt_BuildingLink_Category": null, "ivnt_BuildingLink_RecID": null, "ivnt_BuildingLink": null, "ivnt_CubicleLink_Category": null, "ivnt_CubicleLink_RecID": null, "ivnt_CubicleLink": null, "ivnt_FloorLink_Category": null, "ivnt_FloorLink_RecID": null, "ivnt_FloorLink": null, "ivnt_BuildingName": null, "ivnt_FloorName": null, "ivnt_CubicleNumber": null, "ivnt_UpdateBuilding_Valid": null, "ivnt_UpdateBuilding": null, "ivnt_UpdateFloor_Valid": null, "ivnt_UpdateFloor": null, "ivnt_UpdateLocation_Valid": null, "ivnt_UpdateLocation": null, "BuildingName": null, "AccessListOrgUnit": null, "AzureAD_ID": null, "ROLE_TO_LINK": null, "nrn_FullName": null, "nrn_Gender": null, "nrn_MaritalStatus_Valid": null, "nrn_MaritalStatus": null, "nrn_CitizenshipStatus": null, "nrn_MilitaryServiceStatus": null, "nrn_ExemptionStatus": false, "nrn_PersonalEmail": null, "nrn_InternationalWorkPhone": null, "nrn_InternationalMobilePhone": null, "nrn_MailingAddress": null, "nrn_MailingAddress2": null, "nrn_MailingCIty": null, "nrn_MailingProvinceState": null, "nrn_MailingPostalCode": null, "nrn_MailingCountry": null, "nrn_MailingCountryCode": null, "nrn_MaritalStatusEffectiveDate": null, "nrn_PositionID": null, "nrn_JobProfile": null, "nrn_WorkerType": null, "nrn_EffectiveDate": null, "nrn_PayRateType": null, "nrn_ScheduledWeeklyHours": null, "nrn_PositionTimeType": null, "nrn_JobExempt": null, "nrn_FirstDateOfWork": null, "nrn_IsAManager": false, "nrn_ManagementLevel": null, "nrn_Terminated": false, "nrn_Retired": false, "nrn_RetriementDate": null, "nrn_EmergencyContact": null, "nrn_WorkPhone": null, "nrn_InternationalPhone": null, "nrn_Address": null, "nrn_City": null, "nrn_State": null, "nrn_PostalCode": null, "nrn_HomePhone": null, "nrn_Relationship": null, "nrn_SecondEmergencyContact": null, "nrn_ICE_WorkPhone": null, "nrn_ICE_InternationalPhone": null, "nrn_ICE_Address": null, "nrn_ICE_City": null, "nrn_ICE_State": null, "nrn_ICE_PostalCode": null, "nrn_ICE_HomePhone": null, "nrn_ICE_Relationship": null, "nrn_ICE2_WorkPhone": null, "nrn_ICE2_InternationalPhone": null, "nrn_ICE2_Address": null, "nrn_ICE2_City": null, "nrn_ICE2_State": null, "nrn_ICE2_PostalCode": null, "nrn_ICE2_HomePhone": null, "nrn_ICE2_Relationship": null, "CostCenterLink_RecID_Category": null, "CostCenterLink_RecID_RecID": null, "CostCenterLink_RecID": null, "nrn_DailyHours": null, "nrn_OperationalPercent": 0.00, "nrn_AvailableHours": null, "nrn_RemainingCapacity": null, "nrn_NumberOfDaysRequested": null, "nrn_TotalAllocatedHours": null, "nrn_TaskStartDate": null, "nrn_TaskEndDate": null, "nrn_TaskStartDateCTime": 1712565416, "nrn_TaskEndDateCTime": 1712565416, "nrn_OperationalHours": null, "extensionAttributes": null, "extensionAttribute1": null, "extensionAttribute2": null, "extensionAttribute3": null, "extensionAttribute4": null, "extensionAttribute5": null, "extensionAttribute6": null, "extensionAttribute7": null, "extensionAttribute8": null, "extensionAttribute9": null, "extensionAttribute10": null, "extensionAttribute11": null, "extensionAttribute12": null, "extensionAttribute13": null, "extensionAttribute14": null, "extensionAttribute15": null, "DexClass": null, "DexScore": 0, "DexScoreDate": null, "nrn_AutoCreateTimesheet": false }
Get Fields for Mapping
API Endpoint: /api/odata/incidents/$metadata
Method: GET
Headers:
Key | Value |
---|---|
User-Agent | netskope-ce-5.0.1-cto-ivanti-v1.0.0 |
Accept | application/json |
Content-Type | application/json |
Authorization | <Auth token> => Basic Auth |
rest_api_key=<API Key> => API Key Auth |
Sample API Response:
<?xml version="1.0" encoding="utf-8"?> <edmx:Edmx Version="4.0" xmlns:edmx="http://docs.oasis-open.org/odata/ns/edmx"> <edmx:DataServices> <Schema Namespace="MetaData" xmlns="http://docs.oasis-open.org/odata/ns/edm"> <EntityType Name="incident"> <Key> <PropertyRef Name="RecId" /> </Key> <Property Name="ActualCategory_Valid" Type="Edm.String" MaxLength="32" Unicode="false" /> <Property Name="ActualCategory" Type="Edm.String" MaxLength="60" /> <Property Name="CreatedDateTime" Type="Edm.DateTimeOffset" /> <Property Name="Email" Type="Edm.String" MaxLength="255" /> Type="Collection(MetaData.ivnt_chat)"> <OnDelete Action="Cascade" /> </NavigationProperty> <NavigationProperty Name="IncidentAssocIncidentNeuronIntegration" Type="Collection(MetaData.incident)"> <OnDelete Action="Cascade" /> </NavigationProperty> <NavigationProperty Name="ivnt_SecurityIncidentAssocIncidentNeuronsIntegration" Type="Collection(MetaData.ivnt_securityincident)"> <OnDelete Action="Cascade" /> </NavigationProperty> <NavigationProperty Name="MicrosoftTeamsUserDetailsAssocIncident" Type="Collection(MetaData.ivnt_microsoftteamsuserdetails)"> <OnDelete Action="Cascade" /> </NavigationProperty> <NavigationProperty Name="ivnt_GRCRiskAssocIncident" Type="Collection(MetaData.ivnt_grcrisk)"> <OnDelete Action="Cascade" /> </NavigationProperty> <NavigationProperty Name="ivnt_GRCAuditAssocIncident" Type="Collection(MetaData.ivnt_grcaudit)"> <OnDelete Action="Cascade" /> </NavigationProperty> </EntityType> </Schema> </edmx:DataServices> </edmx:Edmx>
Create Incidents on Ivanti
API Endpoint: /api/odata/businessobject/incidents
Method: POST
Headers:
Key | Value |
---|---|
User-Agent | netskope-ce-5.0.1-cto-ivanti-v1.0.0 |
Accept | application/json |
Content-Type | application/json |
Authorization | <Auth token> => Basic Auth |
rest_api_key=<API Key> => API Key Auth |
Parameters:
Key | Value |
---|---|
ProfileLink | <Employee Record ID> |
Symptom | Incident Description |
Subject | Incident Summary |
Status | Logged |
Sample API Response:
{ "@odata.context": "/api/odata/$metadata#incidents/$entity", "ActualCategory_Valid": null, "ActualCategory": null, "Category_Valid": null, "Category": null, "CauseCode_Valid": null, "CauseCode": null, "ClosedBy": null, "ClosedDateTime": null, "ClosedDuration": null, "CreatedBy": "test@gmail.com", "CreatedDateTime": "2024-04-09T06:21:22Z", "Email": "gjenkins@netskope.com", "FirstCallResolution": false, "Impact_Valid": null, "Impact": null, "IncidentNumber": 78986, "IsNotification": true, "IsVIP": false, "IsWorkAround": false, "LastModBy": "InternalServices", "LastModDateTime": "2024-04-09T06:21:25Z", "Phone": null, "Priority_Valid": "29CD5D78E16F4D82916C3E933A600096", "Priority": "3", "ProfileFullName": "Gary Jenkins", "ProfileLink_Category": "Employee", "ProfileLink_RecID": "F7177FFB09B44D159B1ADE379A5D1BC7", "ProfileLink": "F7177FFB09B44D159B1ADE379A5D1BC7", "RecId": "C9DF0BC0489447FEAC558BA55AEF17B9", "Resolution": null, "Service_Valid": "A912E98E55844765934A787FF3586F34", "Service": "Service Desk", "SLA": "", "SLALink_Category": null, "SLALink_RecID": null, "SLALink": null, "Source_Valid": "EF789CE160E742F99623DBB4D29C045C", "Source": "Phone", "Status_Valid": "AB3D0090B6D8471FB0D2720D301A22AF", "Status": "Logged", "Subject": "Create Incident test", "Symptom": "I would like to create an incident", "Urgency_Valid": null, "Urgency": null, "LoginId": "gjenkins@netskope.com", "Owner_Valid": null, "Owner": null, "OwnerTeam_Valid": "F2E66A400FF24786878B4ECC2B181220", "OwnerTeam": "Security", "OwnerType": "Employee", "IsNewRecord": false, "AlternateContactLink_Category": null, "AlternateContactLink_RecID": null, "AlternateContactLink": null, "ResolvedDateTime": null, "ResolvedBy": null, "HoursOfOperation_Valid": "FF57246B2E0047D193C1AEC1011D746B", "HoursOfOperation": "Weekly HOP", "OwnerEmail": null, "OwnerTeamEmail": "Security@demokit.org", "OwnershipAssignmentEmail": "Security@demokit.org", "CustomerLocation_Valid": null, "CustomerLocation": null, "IsReportedByAlternateContact": false, "ResolutionEscLink_Category": null, "ResolutionEscLink_RecID": null, "ResolutionEscLink": null, "ResponseEscLink_Category": null, "ResponseEscLink_RecID": null, "ResponseEscLink": null, "WaitingEscLink_Category": "Frs_data_escalation_watch", "WaitingEscLink_RecID": "074369560CF74DBAA119C72896C43D8D", "WaitingEscLink": "074369560CF74DBAA119C72896C43D8D", "ClosingEscLink_Category": null, "ClosingEscLink_RecID": null, "ClosingEscLink": null, "AlternateContactEmail": null, "OrganizationUnitID": "Default", "ReportingOrgUnitID_Valid": "978ABB09369944C1991468FC458F488E", "ReportingOrgUnitID": "Default", "TypeOfIncident": "Failure", "AlternateContactPhone": null, "TeamManagerEmail": "DemoFM.user@ivanticlouddev.com", "ProblemLink_Category": null, "ProblemLink_RecID": null, "ProblemLink": null, "CustomerDepartment": null, "ActualService_Valid": "A912E98E55844765934A787FF3586F34", "ActualService": "Service Desk", "CostPerMinute_Currency": "USD", "CostPerMinute_CurrencyValid": null, "CostPerMinute": "0.8000", "IsInFinalState": false, "IsReclassifiedForResolution": false, "KnowledgeLink_Category": null, "KnowledgeLink_RecID": null, "KnowledgeLink": null, "PreviousState": null, "ResolvedByIncidentNumber": null, "TotalTimeSpent": null, "RespondedBy": null, "RespondedDateTime": null, "OrgUnitLink_Category": "OrganizationalUnit", "OrgUnitLink_RecID": "978ABB09369944C1991468FC458F488E", "OrgUnitLink": "978ABB09369944C1991468FC458F488E", "OwningOrgUnitId_Valid": "978ABB09369944C1991468FC458F488E", "OwningOrgUnitId": "Default", "ProgressBarPosition": "1", "ResolvedByType": null, "ReportedBy": null, "NewNotes": null, "CreatedByType": "Web Client", "SLADisplayText": "", "ServiceReqLink_Category": null, "ServiceReqLink_RecID": null, "ServiceReqLink": null, "ReadOnly": false, "Cost_Currency": "USD", "Cost_CurrencyValid": null, "Cost": "0.0000", "IncidentDetailWorkflowTag": null, "IncidentDetailSummary": null, "IsApprovalNeeded": false, "Approver_Valid": null, "Approver": null, "IsDSMTaskExisted": false, "ApprovalStatus": null, "SocialTextHeader": "Incident 78986: Create Incident test", "Subcategory_Valid": null, "Subcategory": null, "helpdesk_Priority_Valid": null, "helpdesk_Priority": null, "ViewType": null, "IncidentNetworkUserName": "gjenkins@netskope.com", "SendSurveyNotification": true, "EntityLink_Category": "OrganizationalUnit", "EntityLink_RecID": "978ABB09369944C1991468FC458F488E", "EntityLink": "978ABB09369944C1991468FC458F488E", "EventCIRecId": null, "IsMasterIncident": false, "IsResolvedByMaster": false, "MasterIncidentLink_Category": null, "MasterIncidentLink_RecID": null, "MasterIncidentLink": null, "ServiceOwnerEmail": "admin@saasitdemo.com", "IsRelatedIncidentUpdate": false, "IsRelatedIncidentResolutionUpdate": false, "IsUnRead": false, "HRCaseLink_Category": null, "RecomCategory": null, "RecomSubCategory": null, "IsRunTicketClassification": true, "GRCRiskLink_Category": null, "GRCRiskLink_RecID": null, "GRCRiskLink": null, "TestField": null, }
Update Incidents
API Endpoint: /api/odata/businessobject/incidents(<Incident Record ID’)
Method: PATCH
Headers:
Key | Value |
---|---|
User-Agent | netskope-ce-5.0.1-cto-ivanti-v1.0.0 |
Accept | application/json |
Content-Type | application/json |
Authorization | <Auth token> => Basic Auth |
rest_api_key=<API Key> => API Key Auth |
Parameters:
Key | Value |
---|---|
NewNotes | Received a new alert with Alert ID: <Alert ID> and Alert Name: <Alert Name> in Cloud Exchange. |
Sample API Response:
{ "@odata.context": "/api/odata/$metadata#incidents/$entity", "ActualCategory_Valid": "14348C1FFA044D8AB1E93005B4A0A287", "ActualCategory": "Missing Item", "Category_Valid": "14348C1FFA044D8AB1E93005B4A0A287", "Category": "Missing Item", "CauseCode_Valid": "E2489F3F7DA34B898CCD9569CA5541F2", "CauseCode": "Other", "ClosedBy": "JClerk", "ClosedDateTime": "2019-10-16T07:09:48Z", "ClosedDuration": 37843200, "CreatedBy": "JClerk", "CreatedDateTime": "2019-10-10T06:42:48Z", "Email": "KDavidson@saasitdemo.com", "FirstCallResolution": false, "Impact_Valid": "1AFFC174C7EA4AB79CCA6B15EB67006D", "Impact": "Medium", "IncidentNumber": 10244, "IsNotification": true, "IsVIP": false, "IsWorkAround": false, "LastModBy": "test@gmail.com", "LastModDateTime": "2024-04-09T06:31:02Z", "Phone": "+61.2.8080.3300\r\n", "Priority_Valid": "29CD5D78E16F4D82916C3E933A600096", "Priority": "3", "ProfileFullName": "Karen R Davidson", "ProfileLink_Category": "Employee", "ProfileLink_RecID": "E07CFB09AB324E0E8D49993D3F0C3C75", "ProfileLink": "E07CFB09AB324E0E8D49993D3F0C3C75", "RecId": "003B58C0B4554E4BAA30DFD88876582A", "Resolution": "Resolved with user", "Service_Valid": "1D2C6534C7F247B3A81DF7C205F48DCA", "Service": "Facilities Management", "SLA": "", "SLALink_Category": null, "SLALink_RecID": null, "SLALink": null, "Source_Valid": "FF0467C231124B2FA2DB2156632C8A92", "Source": "Email", "Status_Valid": "2905321A3B12477A82E94E289F47786B", "Status": "Closed", "Subject": "Remote control for projector in Boardroom is are missing ", "Symptom": "This is an issue as it is roof mounted and cannot be switched on/off without the remote", "Urgency_Valid": "44021B6CC6E44E598868C4B3306053AE", "Urgency": "Medium", "LoginId": "KDavidson", "Owner_Valid": "5918944FE08C4F088C5E02E27DB7C6E3", "Owner": "Jacob.Clerk", "OwnerTeam_Valid": "2E4BABD54FB9420D94F836F0D9B80C47", "OwnerTeam": "Service Desk", "OwnerType": "Profile.Employee", "IsNewRecord": false, "AlternateContactLink_Category": null, "AlternateContactLink_RecID": null, "AlternateContactLink": null, "ResolvedDateTime": "2019-10-13T06:42:48Z", "ResolvedBy": "JClerk", "HoursOfOperation_Valid": null, "HoursOfOperation": "Weekly HOP", "OwnerEmail": "jacob.Clerk@saasitdemo.com", "OwnerTeamEmail": "change@example.com", "OwnershipAssignmentEmail": "change@example.com", "CustomerLocation_Valid": null, "CustomerLocation": "Western Europe", "IsReportedByAlternateContact": false, "AlternateContactEmail": null, "OrganizationUnitID": null, "ReportingOrgUnitID_Valid": null, "ReportingOrgUnitID": null, "TypeOfIncident": "Failure", "AlternateContactPhone": null, "TeamManagerEmail": "change@example.com", "ProblemLink_Category": null, "ProblemLink_RecID": null, "ProblemLink": null, "CustomerDepartment": "Accounting", "ActualService_Valid": "1D2C6534C7F247B3A81DF7C205F48DCA", "ActualService": "Facilities Management", "CostPerMinute_Currency": "USD", "CostPerMinute_CurrencyValid": null, "CostPerMinute": "0.4000", "IsInFinalState": false, "IsReclassifiedForResolution": false, "KnowledgeLink_Category": null, "KnowledgeLink_RecID": null, "KnowledgeLink": null, "PreviousState": null, "ResolvedByIncidentNumber": null, "TotalTimeSpent": 170.00, "RespondedBy": null, "RespondedDateTime": null, "OrgUnitLink_Category": "OrganizationalUnit", "OrgUnitLink_RecID": null, "OrgUnitLink": null, "OwningOrgUnitId_Valid": "FA9C9DD75EF9455CBC892F65691A1E7F", "OwningOrgUnitId": "Corporate IT Operations", "ProgressBarPosition": "5", "ResolvedByType": "Agent", "ReportedBy": null, "NewNotes": null, "CreatedByType": "Web Client", "SLADisplayText": "", "AddChatconversationtoActivityHistory": false, "ivnt_TeamsUserDetailsLink_Category": null, "ivnt_TeamsUserDetailsLink_RecID": null, "ivnt_TeamsUserDetailsLink": null, "VirimaAssetID": null, "RecommendedCategory": null, "RecommendedService": null, "RecommendedSubCategory": null, "Accuracy": null, "IsRecommended": false, "RecomService": null, "RecomCategory": null, "RecomSubCategory": null, "IsRunTicketClassification": false, "GRCRiskLink_Category": null, "GRCRiskLink_RecID": null, "GRCRiskLink": null, "TestField": null, "testvrunda": "" }
Sync States
API Endpoint: /api/odata/businessobject/incidents
Method: GET
Headers:
Key | Value |
---|---|
User-Agent | netskope-ce-5.0.1-cto-ivanti-v1.0.0 |
Accept | application/json |
Content-Type | application/json |
Authorization | <Auth token> => Basic Auth |
rest_api_key=<API Key> => API Key Auth |
Parameters:
Key | Value |
---|---|
$filter | IncidentNumber eq 76947 |
Sample API Response:
{ "@odata.context": "/api/odata/$metadata#incidents", "@odata.count": 1, "value": [ { "ActualCategory_Valid": "E9EC7ADA85A84F82A30474C6A5425046", "ActualCategory": "Capacity", "Category_Valid": "E9EC7ADA85A84F82A30474C6A5425046", "Category": "Capacity", "CauseCode_Valid": "D8F223FA930E480883ECA4270B471631", "CauseCode": "Configuration", "ClosedBy": null, "ClosedDateTime": null, "ClosedDuration": null, "CreatedBy": "gjenkins@netskope.com", "CreatedDateTime": "2024-04-05T07:06:51Z", "Email": "gjenkins@netskope.com", "FirstCallResolution": false, "Impact_Valid": null, "Impact": null, "IncidentNumber": 76947, "IsNotification": true, "IsVIP": false, "IsWorkAround": false, "LastModBy": "gjenkins@netskope.com", "LastModDateTime": "2024-04-05T08:29:52Z", "Phone": null, "Priority_Valid": "29CD5D78E16F4D82916C3E933A600096", "Priority": "3", "ProfileFullName": "Gary Jenkins", "ProfileLink_Category": "Employee", "ProfileLink_RecID": "F7177FFB09B44D159B1ADE379A5D1BC7", "ProfileLink": "F7177FFB09B44D159B1ADE379A5D1BC7", "RecId": "1B261B1112714F16A0AC32ADD656E380", "Resolution": "None", "Service_Valid": "A912E98E55844765934A787FF3586F34", "Service": "Service Desk", "SLA": "", "SLALink_Category": null, "SLALink_RecID": null, "SLALink": null, "Source_Valid": "EF789CE160E742F99623DBB4D29C045C", "Source": "Phone", "Status_Valid": "D562C1C0DF4742CB8D60276059C3B828", "Status": "Resolved", "Subject": "Netskope CE alert: CE Log", "Symptom": "Alert ID: 660f9f3cc7f5d74ff884d87b App: Cloud Exchange Alert Name: CE Log Alert Type: Log App Category: CE User: ", "Urgency_Valid": null, "Urgency": null, "LoginId": "gjenkins@netskope.com", "Owner_Valid": "FB884D18F7B746A0992880F2DFFE749C", "Owner": "Admin", "OwnerTeam_Valid": "2E4BABD54FB9420D94F836F0D9B80C47", "OwnerTeam": "Service Desk", "OwnerType": "Employee", "IsNewRecord": false, "AlternateContactLink_Category": null, "AlternateContactLink_RecID": null, "AlternateContactLink": null, "ResolvedDateTime": "2024-04-05T08:29:07Z", "ResolvedBy": "gjenkins@netskope.com", "HoursOfOperation_Valid": "FF57246B2E0047D193C1AEC1011D746B", "HoursOfOperation": "Weekly HOP", "OwnerEmail": "admin@saasitdemo.com", "OwnerTeamEmail": "change@example.com", "OwnershipAssignmentEmail": "change@example.com", "CustomerLocation_Valid": null, "CustomerLocation": null, "IsReportedByAlternateContact": false, "ResolutionEscLink_Category": "Frs_data_escalation_watch", "ResolutionEscLink_RecID": "AE123197807D419CA87020B37249A1B7", "ResolutionEscLink": "AE123197807D419CA87020B37249A1B7", "ResponseEscLink_Category": "Frs_data_escalation_watch", "ResponseEscLink_RecID": "78B7171E0F564057BAED0C074E4996BD", "ResponseEscLink": "78B7171E0F564057BAED0C074E4996BD", "WaitingEscLink_Category": "Frs_data_escalation_watch", "WaitingEscLink_RecID": "EDFE3DABC0324A92845CAA0CD59E7060", "WaitingEscLink": "EDFE3DABC0324A92845CAA0CD59E7060", "ClosingEscLink_Category": "Frs_data_escalation_watch", "ClosingEscLink_RecID": "A735155654E3423A844284B07C362FED", "ClosingEscLink": "A735155654E3423A844284B07C362FED", "AlternateContactEmail": null, "OrganizationUnitID": "Default", "ReportingOrgUnitID_Valid": "978ABB09369944C1991468FC458F488E", "ReportingOrgUnitID": "Default", "TypeOfIncident": "Failure", "AlternateContactPhone": null, "TeamManagerEmail": "change@example.com", "ProblemLink_Category": null, "ProblemLink_RecID": null, "ProblemLink": null, "CustomerDepartment": null, "ActualService_Valid": "A912E98E55844765934A787FF3586F34", "ActualService": "Service Desk", "CostPerMinute_Currency": "USD", "CostPerMinute_CurrencyValid": null, "CostPerMinute": "0.4000", "IsInFinalState": false, "IsReclassifiedForResolution": false, "KnowledgeLink_Category": null, "KnowledgeLink_RecID": null, "KnowledgeLink": null, "PreviousState": null, "ResolvedByIncidentNumber": null, "TotalTimeSpent": 0.00, "RespondedBy": "gjenkins@netskope.com", "RespondedDateTime": "2024-04-05T07:09:45Z", "OrgUnitLink_Category": "OrganizationalUnit", "OrgUnitLink_RecID": "978ABB09369944C1991468FC458F488E", "OrgUnitLink": "978ABB09369944C1991468FC458F488E", "OwningOrgUnitId_Valid": "4A05123D660F408997A4FEE714DAD111", "OwningOrgUnitId": "GMI", "ProgressBarPosition": "4", "ResolvedByType": "Agent", "ReportedBy": null, "NewNotes": null, "CreatedByType": "Web Client", "SLADisplayText": "", "ServiceReqLink_Category": null, "ServiceReqLink_RecID": null, "ServiceReqLink": null, "ReadOnly": false, "Cost_Currency": "USD", "Cost_CurrencyValid": null, "Cost": "0.0000", "IncidentDetailWorkflowTag": null, "IncidentDetailSummary": null, "IsApprovalNeeded": false, "Approver_Valid": null, "Approver": null, "IsDSMTaskExisted": false, "ApprovalStatus": null, "SocialTextHeader": "Incident 76947: Netskope CE alert: CE Log", "Subcategory_Valid": null, "Subcategory": null, "helpdesk_Priority_Valid": null, "helpdesk_Priority": null, "ViewType": null, "IncidentNetworkUserName": "gjenkins@netskope.com", "SendSurveyNotification": true, "EntityLink_Category": "OrganizationalUnit", "EntityLink_RecID": "978ABB09369944C1991468FC458F488E", "EntityLink": "978ABB09369944C1991468FC458F488E", "EventCIRecId": null, "IsMasterIncident": false, "IsResolvedByMaster": false, "MasterIncidentLink_Category": null, "MasterIncidentLink_RecID": null, "MasterIncidentLink": null, "ServiceOwnerEmail": "admin@saasitdemo.com", "IsRelatedIncidentUpdate": false, "ivnt_UpdateRFI": "Chat Incident(s)", "AddChatconversationtoActivityHistory": false, "ivnt_TeamsUserDetailsLink_Category": null, "ivnt_TeamsUserDetailsLink_RecID": null, "ivnt_TeamsUserDetailsLink": null, "VirimaAssetID": null, "RecommendedCategory": null, "RecommendedService": null, "RecommendedSubCategory": null, "Accuracy": null, "GRCRiskLink_RecID": null, "GRCRiskLink": null, "TestField": null, } ] }
Performance Matrix
These readings are collected on a Large CE Stack with below-mentioned specifications by running the plugin for a few hours in order to create a ticket/incident.
Stack details | Size: Large RAM: 32 GB CPU: 16 Cores |
Ticket/Incidents created on Ivanti | ~110 per minute |
User Agent
netskope-ce-5.0.1-cto-ivanti-v1.0.0
Workflow
- Create a User Role.
- Get an API Key.
- Fetch an Employee Record ID (Rec ID).
- Create a Custom Field.
- Configure the Ivanti plugin.
- Configure a Business Rule.
- Configure a Queue.
- Validate the plugin.
Click play to watch a video.
Create a User Role on Ivanti
- Log in to your Ivanti platform and go to Settings > Users and Permissions > Roles.
- Click Add New.
- Under Role Details, enter a Role and a Display Name.
Note
The name entered in the Role tab will be used as the internal Role name in the plugin configuration.
- Go to the next tab Top Level Tabs and click Add New Tab. Select Object Workspace.
- Enter the name example incident, select Incident in Object, and select IncidentLayout.ServiceDesk in Layout.
- Click Add this Tab and move to next tab, Object Permissions. Provide the required permissions.
Note
The permission mentioned here is for the default mapping, the permission for business objects may vary if the fields were changed.
- Click Save.
Note
Use this Role to create an API Key, as well as Creating an Employee.
Get an API Key
- Go to the Settings > Security Controls > API Keys.
- Select Key groups for which you want to create an API Key.
- Click Add API Keys and enter the API Key description. Select the user for which the Key is to be created (the previously created User Role) and click Save. Move back to the previous tab. The API Key will be created to be used in the plugin configuration.
Fetch the Employee Record ID (Rec ID)
- To fetch the Employee Record ID, go to More > Employee.
- From the All dropdown list, select New Saved Search.
- Filter the employee name based on their display name, along with a filter where their record ID is not empty, as shown below. You will see the RecID column. Copy the RecID for your user to use it in the plugin configuration.
Create a Custom Field
- Go to Settings > Business Objects > Incidents > Fields and click Add New Field.
- Select the Type of field you want to create from the options shown below.
- Enter a Field Name, Display Name, and Field Attributes.
- Click Add This Field, and then click Save. The field will be added.
Note
The custom field added on Ivanti takes a few hours to reflect in Cloud Exchange. After the fields is reflected, it can be seen in the Target Fields in the Queue configuration.
Configure the Ivanti Plugin
- Log in to Cloud Exchange and go to Settings > Plugins. Search for and select the CTO Ivanti plugin box to configure the plugin.
- Enter a Configuration Name and change the Sync Interval as per your requirement. Click Next.
- Enter these parameters and click Next:
- Ivanti Tenant URL: Platform URL for your Ivanti
- Authentication Method: Select the type of Authentication method you want to use. Basic Authentication (using Username and Password of Ivanti) and API Key Authentication using API Generated from Ivanti (as shown in above steps)
- Employee Record ID (RecID): Employee Record ID of the user.
- For Authentication Method as Basic Authentication, enter these parameters:
- Username: User of your Ivanti platform.
- Password: Password associated with the user for Ivanti.
- Ivanti User Role: Internal User Role name assigned to Ivanti User.
- If you have selected the API Key Authentication Method, provide the below details:
- API Key: API Key created previously for the user.
- Click Save.
Configure a Ticket Orchestrator Business Rule for the Ivanti Plugin
Create a business rule based on the filters you need to generate incidents/tickets in the Ivanti plugin.
- In Ticket Orchestrator, select Business Rules.
- Click Create New Rule.
- Enter an appropriate Rule Name in the text box, and build the appropriate filter query condition on the field(s) for the business rule. You can also type the query manually by pressing the Filter Query button.
- Click Save.
- To test the newly created business rule, click Sync, enter the Time period (in days), and click Fetch. This will show the number of alerts that are eligible for incident/ticket creation.
Configure a Ticket Orchestrator Queue for the Ivanti Plugin
- In Ticket Orchestrator, select Queues.
- Click Add Queue Configuration, and select your Business Rule, your Ivanti plugin (Configuration), and queue from the dropdown.
- Click Save, and the sync the queue (if you already have the alerts pulled).
Note
If you want to use any other field visible on Ivanti when the incident is created, it is expected to add its value as a part of the Custom Message. Make sure to provide only supported values for the field, or else the value won’t be reflected when the incident is created.
Validate the Ivanti Plugin
Validate on Netskope CE
To validate the incident creation, update and sync in Cloud Exchange, and then go to Logging and filter tickets created by CTO Ivanti.
Go to Ticket Orchestrator > Tickets and check the created tickets along with their synced status.
Validate on Ivanti
To validate the ticket creation, update and sync on Ivanti:
- On the Ivanti platform, go to Incidents. All incidents that are created will be listed on the Incidents page.
Troubleshooting
Unable to generate tickets/incidents on Ivanti
Incidents can fail to be created on a platform due to one of the following reasons
- No alerts are available in CE or no new alerts are pulled.
- Business Rule has no alerts filtered.
- Sufficient Role are not added.
What to do: Find the root cause from above and select the best fit resolution.
No alerts are available in CE or no new alerts are pulled
- Check if the alerts are pulled from the CTO Netskope plugin, if no alerts are available the incident/ticket won’t be created.
- If the alerts are present and the queue was added, it might be possible that new alerts are not available to create the incidents, so manually sync the queue in order to create the tickets.
Business Rule has no alerts filtered
Check the business and test it to confirm if it has any alerts filtered. If no alerts are available in the filtering, update the business rule.
Sufficient Role are not added
Check the Roles added for the plugin.
Receiving an error while creating the incident
If the default fields are removed from the queue configuration, and or any custom field added by the user is not added in the queue, you will receive this error while trying to create the incident.
What to do:
Identify the custom added mandatory field and add the same field with its expected value in queue configuration. If no custom mandatory field is added, check the default value added in the queue. The queue configuration should have Subject, Symptom, Status fields added.
Note
Incidents will only be created with status value as Logged.
Receiving an error when a custom field is deleted on Ivanti
If you have added a custom field for creating the incidents and later on deleted the field, you might run into the 500 Internal Server error while creating incidents, or 204 No Content error while configuring the plugin configuration.
What to do:
If you have recently deleted any custom field, create the same field again or Contact the Ivanti team for further help.
Unable to see the custom field added in the incident
When a customer field is created on Ivanti and used in the queue configuration for creating the incident, the field will be mapped from Netskope CE but won’t be reflected on Ivanti when the incident is created. This is because the custom fields are not displayed in the default incident schema on Ivanti.
What to do: To check the custom added field mapped in the incident, use the custom field in the queue configuration and add some custom message or field to it. Once done, sync the queue to create the incident. Copy the reference ID generated from the Tickets page on CE, and use the below API endpoint to find the API response for the given incident. The custom field along with its value will be added in the incident.
API Endpoint: https://<iavnti_base_url>/api/odata/businessobject/incidents(<incident Reference ID>)
Limitation
The Ivanti platform has a rate limit of 100,000 API calls for 24 hours duration.Hence, if the plugin reaches the limit, it will have 3 retries with default time of 60 seconds and raise an exception in the end.