Ivanti Plugin for Ticket Orchestrator

Ivanti Plugin for Ticket Orchestrator

This document explains how to configure the CTO Ivanti plugin with the Ticket Orchestrator module of the Netskope Cloud Exchange platform. This plugin is used to create, update, sync incidents/tickets on the Ivanti Platform.

Prerequisites

  • Netskope tenant (or multiple, for example, production and development/test instances) that is already configured in Cloud Exchange.
  • A Netskope Cloud Exchange tenant with the Ticket Orchestrator module already configured.
  • Connectivity to Ivanti platform (https://<ivanti URL>)
CE Version Compatibility

Netskope CE v4.2.0, v5.0.1

Ivanti Plugin Support

Supported Alert types for incidents

Anomaly, Compromised Credentials, policy, Legal Hold, malsite, Malware, DLP, Security Assessment, watchlist, quarantine, Remediation, UBA, CTEP

Mappings
Queue Mapping
Target Fields(Ivanti API Fields) Ivanti Fields (Ivanti Platform)
subject Summary
symptom Description
status Status
newnotes Activity History
Status Mapping
Netskope CE Status Ivanti Status
New Logged
In Progress Active
On Hold Waiting for Customer
On Hold Waiting for Resolution
On Hold Waiting for 3rd Party
Other Resolved
Closed Closed
Other Cancelled
Permissions

These permissions are needed for the plugin:

Object Name Permission
Attachment Add, View, Edit, Delete
CI Add, View, Edit, Delete
CI.CloudServiceAsset Add, View, Edit, Delete
CI.Computer View, Edit
CI.Service Add, View, Edit, Delete
Category Add, View, Edit, Delete
CurrencyCode Add, View, Edit, Delete
Employee Add, View, Edit, Delete
FRS_MyItem Add, View, Edit, Delete
FRS_MyItemParentObjType Add, View, Edit, Delete
FRS_MyItemStatus Add, View, Edit, Delete
Frs_CompositeContract_Email Add, View, Edit, Delete
Frs_data_escalation_watch Add, View, Edit, Delete
Frs_def_hours_of_operation Add, View, Edit, Delete
Impact Add, View, Edit, Delete
ImpactHRAnouncment Add, View, Edit, Delete
Incident Add, View, Edit, Delete
IncidentBreachReasonCo Add, View, Edit, Delete
IncidentBreachResponsibility Add, View, Edit, Delete
IncidentCauseCode Add, View, Edit, Delete
IncidentDetails Add, View, Edit, Delete
IncidentDetailAccountLo Add, View, Edit, Delete
IncidentDetail.Employee Add, View, Edit, Delete
IncidentDetail.WebsiteFai Add, View, Edit, Delete
IncidentDetail.ActionNeeded Add, View, Edit, Delete
IncidentPriority Add, View, Edit, Delete
IncidentSource Add, View, Edit, Delete
IncidentStatus Add, View, Edit, Delete
IncidentType Add, View, Edit, Delete
Journal Add, View, Edit, Delete
Journal.Email Add, View, Edit, Delete
JournalEmailCategory Add, View, Edit, Delete
JournalNoteCategory Add, View, Edit, Delete
JournalNoteSource Add, View, Edit, Delete
JournalType Add, View, Edit, Delete
Location Add, View, Edit, Delete
OrganizationUnit Add, View, Edit, Delete
Profile Add, View, Edit, Delete
Profile.BusinessUnit Add, View, Edit, Delete
ProfileEmployeeStatus Add, View, Edit, Delete
ServiceAggrement Add, View, Edit, Delete
StandarduserTeam Add, View, Edit, Delete
task Add, View, Edit, Delete
Urgency Add, View, Edit, Delete

Note

The permission mentioned here is for the default mapping, the permission for business objects may vary if the fields were changed or custom fields are added.

API Details
List of APIs used
Use Case Method Endpoint
Get auth token POST api/rest/authentication/login
Get fields for mapping GET /api/odata/incidents/$metadata
Create incidents on Ivanti POST /api/odata/businessobject/incidents
Update incidents PATCH /api/odata/businessobject/incidents(<IIncident Record ID’)
Sync State GET /api/odata/businessobject/incidents
Get Auth token

API Endpoint: api/rest/authentication/login
Method: POST
Headers:

Key Value
User-Agent netskope-ce-5.0.1-cto-ivanti-v1.0.0
Accept application/json
Content-Type application/json

Parameters:

Key Value
tenant Tenant domain, netskope.try.com
username <Username>
password <Password>
role <Internal Role>

Sample API Response:

"netskope-try.trysaasit.com#2RGH742EKKELQ7LA1BDQUGBUTOEAG9G1#2"
Validate Employee Record ID

API Endpoint: /api/odata/businessobject/employees(‘Employee Record ID’)
Method: GET
Headers:

Key Value
User-Agent netskope-ce-5.0.1-cto-ivanti-v1.0.0
Accept application/json
Content-Type application/json

Sample API Response:

{
    "@odata.context": "https://netskope-try.trysaasit.com/api/odata/$metadata#employees/$entity",
    "InitialNotReadyReasonValue_Valid": null,
    "InitialNotReadyReasonValue": null,
    "Address1": null,
    "Address1City": null,
    "Address1Country": null,
    "Address1State": null,
    "Address1Zip": null,
    "Birthdate": null,
    "BusinessUnit": null,
    "BusinessUnitID": null,
    "ContactId": "e9c4fd8f-6fe1-ee11-b717-000d3a19b96f",
    "CostCentre": null,
    "CreatedBy": "Admin",
    "CreatedDateTime": "2024-03-13T19:26:17.76Z",
    "CreationMethod_Valid": null,
    "CreationMethod": null,
    "Department_Valid": null,
    "Department": null,
    "DepartmentCode": null,
    "Department_Sync": null,
    "Disabled": false,
    "DisplayName": "Gary Jenkins",
    "EmployeeInformation": null,
    "EmployeeLocation_Valid": null,
    "EmployeeLocation": null,
    "EmployeePhoto": "",
    "EmployeePhotoName": null,
    "EmployeePhotoRevision": 10,
    "EnableIPCMIntegration": false,
    "FirstName": "Gary",
    "Floor": null,
    "HiredDate": null,
    "IPCM_AgentGroup_Valid": null,
    "IPCM_AgentGroup": null,
    "IPCM_Audited_Valid": "CCAF93D28E8F46BBB2BB83C8B893A9D1",
    "IPCM_Audited": "Group Defined",
    "IPCM_Description": null,
    "IPCM_EnableIPCMUser": false,
    "IPCM_InitialAgentStatus_Valid": "B095CE75D44545AFA9A4A5439FA001C7",
    "IPCM_InitialAgentStatus": "Group Defined",
    "IPCM_InitialNotReadyReason_Valid": "CB9517EAD27A4A81BFB6618221DED1EB",
    "IPCM_InitialNotReadyReason": "Group Defined",
    "IPCM_NotReadyRequired_Valid": "EEA8091CF845481FA82E79303D9AB87D",
    "IPCM_NotReadyRequired": "Group Defined",
    "IPCM_OverrideDN": null,
    "IPCM_RecordingPct": null,
    "IPCM_SearchableByName": false,
    "IPCM_UILanguage_Valid": null,
    "IPCM_UILanguage": null,
    "IPCM_VOIPLink_Category": null,
    "IPCM_VOIPLink_RecID": null,
    "IPCM_VOIPLink": null,
    "IPCM_VoiceAgent": false,
    "IPCM_VoiceSupervisor": false,
    "IPCM_WrapupSeconds": 0,
    "IPCM_WrapupTimeout_Valid": "2324B2F832D541A08D7B35942120B59E",
    "IPCM_WrapupTimeout": "Group Defined",
    "IVRPinCode": null,
    "IdentityId": "eac4fd8f-6fe1-ee11-b717-000d3a19b96f",
    "InternalAuthPasswd": "",
    "InternalPwdDateTime": "2024-03-13T19:26:17.76Z",
    "IsAutoProvisioned": false,
    "IsExternalAuth": false,
    "IsInternalAuth": true,
    "IsNamedUser": false,
    "LastExternalLoginId": null,
    "LastModBy": "Admin",
    "LastModDateTime": "2024-04-08T08:36:56Z",
    "LastName": "Jenkins",
    "LoginID": "gjenkins@netskope.com",
    "ManagerEmail": null,
    "ManagerLink_Category": null,
    "ManagerLink_RecID": null,
    "ManagerLink": null,
    "MiddleName": null,
    "NetworkUserName": "gjenkins@netskope.com",
    "NotificationLink_Category": null,
    "NotificationLink_RecID": null,
    "NotificationLink": null,
    "OrgUnitLink_Category": "OrganizationalUnit",
    "OrgUnitLink_RecID": "978ABB09369944C1991468FC458F488E",
    "OrgUnitLink": "978ABB09369944C1991468FC458F488E",
    "EntityLink_Category": "OrganizationalUnit",
    "EntityLink_RecID": "978ABB09369944C1991468FC458F488E",
    "EntityLink": "978ABB09369944C1991468FC458F488E",
    "OrganizationalUnit": "Default",
    "Owner_Valid": "FB884D18F7B746A0992880F2DFFE749C",
    "Owner": "Admin",
    "ParentLink_Category": null,
    "ParentLink_RecID": null,
    "ParentLink": null,
    "PasswordExpiration": true,
    "PrimaryPhone": null,
    "Phone1": null,
    "Phone2": null,
    "Prefix_Valid": null,
    "Prefix": null,
    "PrimaryEmail": "gjenkins@netskope.com",
    "ProfileID": null,
    "ReadOnly": false,
    "RecId": "F7177FFB09B44D159B1ADE379A5D1BC7",
    "RegionLink_Category": null,
    "RegionLink_RecID": null,
    "RegionLink": null,
    "Room": null,
    "Status_Valid": "427831F3A1234345A495A1F144C15158",
    "Status": "Active",
    "Suffix_Valid": null,
    "Suffix": null,
    "Supervisor": null,
    "Team_Valid": "2E4BABD54FB9420D94F836F0D9B80C47",
    "Team": "Service Desk",
    "TeamEmail": "change@example.com",
    "TeamManagerEmail": "change@example.com",
    "TempInternalAuthPassword": "",
    "TempPwdDatetime": null,
    "TerminatedDate": null,
    "Title_Valid": null,
    "Title": null,
    "Title_Sync": null,
    "VIP": false,
    "ReportedByLink_Category": null,
    "ReportedByLink_RecID": null,
    "ReportedByLink": null,
    "LocationLink_Category": null,
    "LocationLink_RecID": null,
    "LocationLink": null,
    "DefaultChargingAccount_Valid": null,
    "DefaultChargingAccount": null,
    "DN": null,
    "Language_Valid": null,
    "Language": null,
    "RemoteControlUID": null,
    "RemoteControlPwd": null,
    "Address1Line2": null,
    "NamedLicenseBundle_Valid": null,
    "NamedLicenseBundle": null,
    "CreationSource": null,
    "LockDate": null,
    "LoginAttemptCount": 0,
    "CustID": null,
    "SLAClass_Valid": null,
    "SLAClass": null,
    "LockType": "",
    "Phone1Ext": null,
    "Phone2Ext": null,
    "WeeklyAvailability": null,
    "GlobalId": null,
    "LoginId_Name": null,
    "ivnt_Director": null,
    "ivnt_CurrencyText": null,
    "ivnt_Country": null,
    "ivnt_HRCaseLink_Category": null,
    "ivnt_HRCaseLink_RecID": null,
    "ivnt_HRCaseLink": null,
    "Emp_LoginId": null,
    "ivnt_WorkOrderlink_Category": null,
    "ivnt_WorkOrderlink_RecID": null,
    "ivnt_WorkOrderlink": null,
    "ivnt_BuildingLink_Category": null,
    "ivnt_BuildingLink_RecID": null,
    "ivnt_BuildingLink": null,
    "ivnt_CubicleLink_Category": null,
    "ivnt_CubicleLink_RecID": null,
    "ivnt_CubicleLink": null,
    "ivnt_FloorLink_Category": null,
    "ivnt_FloorLink_RecID": null,
    "ivnt_FloorLink": null,
    "ivnt_BuildingName": null,
    "ivnt_FloorName": null,
    "ivnt_CubicleNumber": null,
    "ivnt_UpdateBuilding_Valid": null,
    "ivnt_UpdateBuilding": null,
    "ivnt_UpdateFloor_Valid": null,
    "ivnt_UpdateFloor": null,
    "ivnt_UpdateLocation_Valid": null,
    "ivnt_UpdateLocation": null,
    "BuildingName": null,
    "AccessListOrgUnit": null,
    "AzureAD_ID": null,
    "ROLE_TO_LINK": null,
    "nrn_FullName": null,
    "nrn_Gender": null,
    "nrn_MaritalStatus_Valid": null,
    "nrn_MaritalStatus": null,
    "nrn_CitizenshipStatus": null,
    "nrn_MilitaryServiceStatus": null,
    "nrn_ExemptionStatus": false,
    "nrn_PersonalEmail": null,
    "nrn_InternationalWorkPhone": null,
    "nrn_InternationalMobilePhone": null,
    "nrn_MailingAddress": null,
    "nrn_MailingAddress2": null,
    "nrn_MailingCIty": null,
    "nrn_MailingProvinceState": null,
    "nrn_MailingPostalCode": null,
    "nrn_MailingCountry": null,
    "nrn_MailingCountryCode": null,
    "nrn_MaritalStatusEffectiveDate": null,
    "nrn_PositionID": null,
    "nrn_JobProfile": null,
    "nrn_WorkerType": null,
    "nrn_EffectiveDate": null,
    "nrn_PayRateType": null,
    "nrn_ScheduledWeeklyHours": null,
    "nrn_PositionTimeType": null,
    "nrn_JobExempt": null,
    "nrn_FirstDateOfWork": null,
    "nrn_IsAManager": false,
    "nrn_ManagementLevel": null,
    "nrn_Terminated": false,
    "nrn_Retired": false,
    "nrn_RetriementDate": null,
    "nrn_EmergencyContact": null,
    "nrn_WorkPhone": null,
    "nrn_InternationalPhone": null,
    "nrn_Address": null,
    "nrn_City": null,
    "nrn_State": null,
    "nrn_PostalCode": null,
    "nrn_HomePhone": null,
    "nrn_Relationship": null,
    "nrn_SecondEmergencyContact": null,
    "nrn_ICE_WorkPhone": null,
    "nrn_ICE_InternationalPhone": null,
    "nrn_ICE_Address": null,
    "nrn_ICE_City": null,
    "nrn_ICE_State": null,
    "nrn_ICE_PostalCode": null,
    "nrn_ICE_HomePhone": null,
    "nrn_ICE_Relationship": null,
    "nrn_ICE2_WorkPhone": null,
    "nrn_ICE2_InternationalPhone": null,
    "nrn_ICE2_Address": null,
    "nrn_ICE2_City": null,
    "nrn_ICE2_State": null,
    "nrn_ICE2_PostalCode": null,
    "nrn_ICE2_HomePhone": null,
    "nrn_ICE2_Relationship": null,
    "CostCenterLink_RecID_Category": null,
    "CostCenterLink_RecID_RecID": null,
    "CostCenterLink_RecID": null,
    "nrn_DailyHours": null,
    "nrn_OperationalPercent": 0.00,
    "nrn_AvailableHours": null,
    "nrn_RemainingCapacity": null,
    "nrn_NumberOfDaysRequested": null,
    "nrn_TotalAllocatedHours": null,
    "nrn_TaskStartDate": null,
    "nrn_TaskEndDate": null,
    "nrn_TaskStartDateCTime": 1712565416,
    "nrn_TaskEndDateCTime": 1712565416,
    "nrn_OperationalHours": null,
    "extensionAttributes": null,
    "extensionAttribute1": null,
    "extensionAttribute2": null,
    "extensionAttribute3": null,
    "extensionAttribute4": null,
    "extensionAttribute5": null,
    "extensionAttribute6": null,
    "extensionAttribute7": null,
    "extensionAttribute8": null,
    "extensionAttribute9": null,
    "extensionAttribute10": null,
    "extensionAttribute11": null,
    "extensionAttribute12": null,
    "extensionAttribute13": null,
    "extensionAttribute14": null,
    "extensionAttribute15": null,
    "DexClass": null,
    "DexScore": 0,
    "DexScoreDate": null,
    "nrn_AutoCreateTimesheet": false
}
Get Fields for Mapping

API Endpoint: /api/odata/incidents/$metadata
Method: GET
Headers:

Key Value
User-Agent netskope-ce-5.0.1-cto-ivanti-v1.0.0
Accept application/json
Content-Type application/json
Authorization <Auth token> => Basic Auth
rest_api_key=<API Key> => API Key Auth

Sample API Response:

<?xml version="1.0" encoding="utf-8"?>
<edmx:Edmx Version="4.0" xmlns:edmx="http://docs.oasis-open.org/odata/ns/edmx">
    <edmx:DataServices>
        <Schema Namespace="MetaData" xmlns="http://docs.oasis-open.org/odata/ns/edm">
            <EntityType Name="incident">
                <Key>
                    <PropertyRef Name="RecId" />
                </Key>
                <Property Name="ActualCategory_Valid" Type="Edm.String" MaxLength="32" Unicode="false" />
                <Property Name="ActualCategory" Type="Edm.String" MaxLength="60" />
                <Property Name="CreatedDateTime" Type="Edm.DateTimeOffset" />
                <Property Name="Email" Type="Edm.String" MaxLength="255" />
                Type="Collection(MetaData.ivnt_chat)">
                    <OnDelete Action="Cascade" />
                </NavigationProperty>
                <NavigationProperty Name="IncidentAssocIncidentNeuronIntegration" Type="Collection(MetaData.incident)">
                    <OnDelete Action="Cascade" />
                </NavigationProperty>
                <NavigationProperty Name="ivnt_SecurityIncidentAssocIncidentNeuronsIntegration" Type="Collection(MetaData.ivnt_securityincident)">
                    <OnDelete Action="Cascade" />
                </NavigationProperty>
                <NavigationProperty Name="MicrosoftTeamsUserDetailsAssocIncident" Type="Collection(MetaData.ivnt_microsoftteamsuserdetails)">
                    <OnDelete Action="Cascade" />
                </NavigationProperty>
                <NavigationProperty Name="ivnt_GRCRiskAssocIncident" Type="Collection(MetaData.ivnt_grcrisk)">
                    <OnDelete Action="Cascade" />
                </NavigationProperty>
                <NavigationProperty Name="ivnt_GRCAuditAssocIncident" Type="Collection(MetaData.ivnt_grcaudit)">
                    <OnDelete Action="Cascade" />
                </NavigationProperty>
            </EntityType>
        </Schema>
    </edmx:DataServices>
</edmx:Edmx>

Create Incidents on Ivanti

API Endpoint: /api/odata/businessobject/incidents
Method: POST
Headers:

Key Value
User-Agent netskope-ce-5.0.1-cto-ivanti-v1.0.0
Accept application/json
Content-Type application/json
Authorization <Auth token> => Basic Auth
rest_api_key=<API Key> => API Key Auth

Parameters:

Key Value
ProfileLink <Employee Record ID>
Symptom Incident Description
Subject Incident Summary
Status Logged

Sample API Response:

{
    "@odata.context": "/api/odata/$metadata#incidents/$entity",
    "ActualCategory_Valid": null,
    "ActualCategory": null,
    "Category_Valid": null,
    "Category": null,
    "CauseCode_Valid": null,
    "CauseCode": null,
    "ClosedBy": null,
    "ClosedDateTime": null,
    "ClosedDuration": null,
    "CreatedBy": "test@gmail.com",
    "CreatedDateTime": "2024-04-09T06:21:22Z",
    "Email": "gjenkins@netskope.com",
    "FirstCallResolution": false,
    "Impact_Valid": null,
    "Impact": null,
    "IncidentNumber": 78986,
    "IsNotification": true,
    "IsVIP": false,
    "IsWorkAround": false,
    "LastModBy": "InternalServices",
    "LastModDateTime": "2024-04-09T06:21:25Z",
    "Phone": null,
    "Priority_Valid": "29CD5D78E16F4D82916C3E933A600096",
    "Priority": "3",
    "ProfileFullName": "Gary Jenkins",
    "ProfileLink_Category": "Employee",
    "ProfileLink_RecID": "F7177FFB09B44D159B1ADE379A5D1BC7",
    "ProfileLink": "F7177FFB09B44D159B1ADE379A5D1BC7",
    "RecId": "C9DF0BC0489447FEAC558BA55AEF17B9",
    "Resolution": null,
    "Service_Valid": "A912E98E55844765934A787FF3586F34",
    "Service": "Service Desk",
    "SLA": "",
    "SLALink_Category": null,
    "SLALink_RecID": null,
    "SLALink": null,
    "Source_Valid": "EF789CE160E742F99623DBB4D29C045C",
    "Source": "Phone",
    "Status_Valid": "AB3D0090B6D8471FB0D2720D301A22AF",
    "Status": "Logged",
    "Subject": "Create Incident test",
    "Symptom": "I would like to create an incident",
    "Urgency_Valid": null,
    "Urgency": null,
    "LoginId": "gjenkins@netskope.com",
    "Owner_Valid": null,
    "Owner": null,
    "OwnerTeam_Valid": "F2E66A400FF24786878B4ECC2B181220",
    "OwnerTeam": "Security",
    "OwnerType": "Employee",
    "IsNewRecord": false,
    "AlternateContactLink_Category": null,
    "AlternateContactLink_RecID": null,
    "AlternateContactLink": null,
    "ResolvedDateTime": null,
    "ResolvedBy": null,
    "HoursOfOperation_Valid": "FF57246B2E0047D193C1AEC1011D746B",
    "HoursOfOperation": "Weekly HOP",
    "OwnerEmail": null,
    "OwnerTeamEmail": "Security@demokit.org",
    "OwnershipAssignmentEmail": "Security@demokit.org",
    "CustomerLocation_Valid": null,
    "CustomerLocation": null,
    "IsReportedByAlternateContact": false,
    "ResolutionEscLink_Category": null,
    "ResolutionEscLink_RecID": null,
    "ResolutionEscLink": null,
    "ResponseEscLink_Category": null,
    "ResponseEscLink_RecID": null,
    "ResponseEscLink": null,
    "WaitingEscLink_Category": "Frs_data_escalation_watch",
    "WaitingEscLink_RecID": "074369560CF74DBAA119C72896C43D8D",
    "WaitingEscLink": "074369560CF74DBAA119C72896C43D8D",
    "ClosingEscLink_Category": null,
    "ClosingEscLink_RecID": null,
    "ClosingEscLink": null,
    "AlternateContactEmail": null,
    "OrganizationUnitID": "Default",
    "ReportingOrgUnitID_Valid": "978ABB09369944C1991468FC458F488E",
    "ReportingOrgUnitID": "Default",
    "TypeOfIncident": "Failure",
    "AlternateContactPhone": null,
    "TeamManagerEmail": "DemoFM.user@ivanticlouddev.com",
    "ProblemLink_Category": null,
    "ProblemLink_RecID": null,
    "ProblemLink": null,
    "CustomerDepartment": null,
    "ActualService_Valid": "A912E98E55844765934A787FF3586F34",
    "ActualService": "Service Desk",
    "CostPerMinute_Currency": "USD",
    "CostPerMinute_CurrencyValid": null,
    "CostPerMinute": "0.8000",
    "IsInFinalState": false,
    "IsReclassifiedForResolution": false,
    "KnowledgeLink_Category": null,
    "KnowledgeLink_RecID": null,
    "KnowledgeLink": null,
    "PreviousState": null,
    "ResolvedByIncidentNumber": null,
    "TotalTimeSpent": null,
    "RespondedBy": null,
    "RespondedDateTime": null,
    "OrgUnitLink_Category": "OrganizationalUnit",
    "OrgUnitLink_RecID": "978ABB09369944C1991468FC458F488E",
    "OrgUnitLink": "978ABB09369944C1991468FC458F488E",
    "OwningOrgUnitId_Valid": "978ABB09369944C1991468FC458F488E",
    "OwningOrgUnitId": "Default",
    "ProgressBarPosition": "1",
    "ResolvedByType": null,
    "ReportedBy": null,
    "NewNotes": null,
    "CreatedByType": "Web Client",
    "SLADisplayText": "",
    "ServiceReqLink_Category": null,
    "ServiceReqLink_RecID": null,
    "ServiceReqLink": null,
    "ReadOnly": false,
    "Cost_Currency": "USD",
    "Cost_CurrencyValid": null,
    "Cost": "0.0000",
    "IncidentDetailWorkflowTag": null,
    "IncidentDetailSummary": null,
    "IsApprovalNeeded": false,
    "Approver_Valid": null,
    "Approver": null,
    "IsDSMTaskExisted": false,
    "ApprovalStatus": null,
    "SocialTextHeader": "Incident 78986: Create Incident test",
    "Subcategory_Valid": null,
    "Subcategory": null,
    "helpdesk_Priority_Valid": null,
    "helpdesk_Priority": null,
    "ViewType": null,
    "IncidentNetworkUserName": "gjenkins@netskope.com",
    "SendSurveyNotification": true,
    "EntityLink_Category": "OrganizationalUnit",
    "EntityLink_RecID": "978ABB09369944C1991468FC458F488E",
    "EntityLink": "978ABB09369944C1991468FC458F488E",
    "EventCIRecId": null,
    "IsMasterIncident": false,
    "IsResolvedByMaster": false,
    "MasterIncidentLink_Category": null,
    "MasterIncidentLink_RecID": null,
    "MasterIncidentLink": null,
    "ServiceOwnerEmail": "admin@saasitdemo.com",
    "IsRelatedIncidentUpdate": false,
    "IsRelatedIncidentResolutionUpdate": false,
    "IsUnRead": false,
    "HRCaseLink_Category": null,
    "RecomCategory": null,
    "RecomSubCategory": null,
    "IsRunTicketClassification": true,
    "GRCRiskLink_Category": null,
    "GRCRiskLink_RecID": null,
    "GRCRiskLink": null,
    "TestField": null,
}
Update Incidents

API Endpoint: /api/odata/businessobject/incidents(<Incident Record ID’)
Method: PATCH
Headers:

Key Value
User-Agent netskope-ce-5.0.1-cto-ivanti-v1.0.0
Accept application/json
Content-Type application/json
Authorization <Auth token> => Basic Auth
rest_api_key=<API Key> => API Key Auth

Parameters:

Key Value
NewNotes Received a new alert with Alert ID: <Alert ID> and Alert Name: <Alert Name> in Cloud Exchange.

Sample API Response:

{
    "@odata.context": "/api/odata/$metadata#incidents/$entity",
    "ActualCategory_Valid": "14348C1FFA044D8AB1E93005B4A0A287",
    "ActualCategory": "Missing Item",
    "Category_Valid": "14348C1FFA044D8AB1E93005B4A0A287",
    "Category": "Missing Item",
    "CauseCode_Valid": "E2489F3F7DA34B898CCD9569CA5541F2",
    "CauseCode": "Other",
    "ClosedBy": "JClerk",
    "ClosedDateTime": "2019-10-16T07:09:48Z",
    "ClosedDuration": 37843200,
    "CreatedBy": "JClerk",
    "CreatedDateTime": "2019-10-10T06:42:48Z",
    "Email": "KDavidson@saasitdemo.com",
    "FirstCallResolution": false,
    "Impact_Valid": "1AFFC174C7EA4AB79CCA6B15EB67006D",
    "Impact": "Medium",
    "IncidentNumber": 10244,
    "IsNotification": true,
    "IsVIP": false,
    "IsWorkAround": false,
    "LastModBy": "test@gmail.com",
    "LastModDateTime": "2024-04-09T06:31:02Z",
    "Phone": "+61.2.8080.3300\r\n",
    "Priority_Valid": "29CD5D78E16F4D82916C3E933A600096",
    "Priority": "3",
    "ProfileFullName": "Karen R Davidson",
    "ProfileLink_Category": "Employee",
    "ProfileLink_RecID": "E07CFB09AB324E0E8D49993D3F0C3C75",
    "ProfileLink": "E07CFB09AB324E0E8D49993D3F0C3C75",
    "RecId": "003B58C0B4554E4BAA30DFD88876582A",
    "Resolution": "Resolved with user",
    "Service_Valid": "1D2C6534C7F247B3A81DF7C205F48DCA",
    "Service": "Facilities Management",
    "SLA": "",
    "SLALink_Category": null,
    "SLALink_RecID": null,
    "SLALink": null,
    "Source_Valid": "FF0467C231124B2FA2DB2156632C8A92",
    "Source": "Email",
    "Status_Valid": "2905321A3B12477A82E94E289F47786B",
    "Status": "Closed",
    "Subject": "Remote control for projector in Boardroom is are missing ",
    "Symptom": "This is an issue as it is roof mounted and cannot be switched on/off without the remote",
    "Urgency_Valid": "44021B6CC6E44E598868C4B3306053AE",
    "Urgency": "Medium",
    "LoginId": "KDavidson",
    "Owner_Valid": "5918944FE08C4F088C5E02E27DB7C6E3",
    "Owner": "Jacob.Clerk",
    "OwnerTeam_Valid": "2E4BABD54FB9420D94F836F0D9B80C47",
    "OwnerTeam": "Service Desk",
    "OwnerType": "Profile.Employee",
    "IsNewRecord": false,
    "AlternateContactLink_Category": null,
    "AlternateContactLink_RecID": null,
    "AlternateContactLink": null,
    "ResolvedDateTime": "2019-10-13T06:42:48Z",
    "ResolvedBy": "JClerk",
    "HoursOfOperation_Valid": null,
    "HoursOfOperation": "Weekly HOP",
    "OwnerEmail": "jacob.Clerk@saasitdemo.com",
    "OwnerTeamEmail": "change@example.com",
    "OwnershipAssignmentEmail": "change@example.com",
    "CustomerLocation_Valid": null,
    "CustomerLocation": "Western Europe",
    "IsReportedByAlternateContact": false,
    "AlternateContactEmail": null,
    "OrganizationUnitID": null,
    "ReportingOrgUnitID_Valid": null,
    "ReportingOrgUnitID": null,
    "TypeOfIncident": "Failure",
    "AlternateContactPhone": null,
    "TeamManagerEmail": "change@example.com",
    "ProblemLink_Category": null,
    "ProblemLink_RecID": null,
    "ProblemLink": null,
    "CustomerDepartment": "Accounting",
    "ActualService_Valid": "1D2C6534C7F247B3A81DF7C205F48DCA",
    "ActualService": "Facilities Management",
    "CostPerMinute_Currency": "USD",
    "CostPerMinute_CurrencyValid": null,
    "CostPerMinute": "0.4000",
    "IsInFinalState": false,
    "IsReclassifiedForResolution": false,
    "KnowledgeLink_Category": null,
    "KnowledgeLink_RecID": null,
    "KnowledgeLink": null,
    "PreviousState": null,
    "ResolvedByIncidentNumber": null,
    "TotalTimeSpent": 170.00,
    "RespondedBy": null,
    "RespondedDateTime": null,
    "OrgUnitLink_Category": "OrganizationalUnit",
    "OrgUnitLink_RecID": null,
    "OrgUnitLink": null,
    "OwningOrgUnitId_Valid": "FA9C9DD75EF9455CBC892F65691A1E7F",
    "OwningOrgUnitId": "Corporate IT Operations",
    "ProgressBarPosition": "5",
    "ResolvedByType": "Agent",
    "ReportedBy": null,
    "NewNotes": null,
    "CreatedByType": "Web Client",
    "SLADisplayText": "",
    "AddChatconversationtoActivityHistory": false,
    "ivnt_TeamsUserDetailsLink_Category": null,
    "ivnt_TeamsUserDetailsLink_RecID": null,
    "ivnt_TeamsUserDetailsLink": null,
    "VirimaAssetID": null,
    "RecommendedCategory": null,
    "RecommendedService": null,
    "RecommendedSubCategory": null,
    "Accuracy": null,
    "IsRecommended": false,
    "RecomService": null,
    "RecomCategory": null,
    "RecomSubCategory": null,
    "IsRunTicketClassification": false,
    "GRCRiskLink_Category": null,
    "GRCRiskLink_RecID": null,
    "GRCRiskLink": null,
    "TestField": null,
    "testvrunda": ""
}
Sync States

API Endpoint: /api/odata/businessobject/incidents
Method: GET
Headers:

Key Value
User-Agent netskope-ce-5.0.1-cto-ivanti-v1.0.0
Accept application/json
Content-Type application/json
Authorization <Auth token> => Basic Auth
rest_api_key=<API Key> => API Key Auth

Parameters:

Key Value
$filter IncidentNumber eq 76947

Sample API Response:

{
    "@odata.context": "/api/odata/$metadata#incidents",
    "@odata.count": 1,
    "value": [
        {
            "ActualCategory_Valid": "E9EC7ADA85A84F82A30474C6A5425046",
            "ActualCategory": "Capacity",
            "Category_Valid": "E9EC7ADA85A84F82A30474C6A5425046",
            "Category": "Capacity",
            "CauseCode_Valid": "D8F223FA930E480883ECA4270B471631",
            "CauseCode": "Configuration",
            "ClosedBy": null,
            "ClosedDateTime": null,
            "ClosedDuration": null,
            "CreatedBy": "gjenkins@netskope.com",
            "CreatedDateTime": "2024-04-05T07:06:51Z",
            "Email": "gjenkins@netskope.com",
            "FirstCallResolution": false,
            "Impact_Valid": null,
            "Impact": null,
            "IncidentNumber": 76947,
            "IsNotification": true,
            "IsVIP": false,
            "IsWorkAround": false,
            "LastModBy": "gjenkins@netskope.com",
            "LastModDateTime": "2024-04-05T08:29:52Z",
            "Phone": null,
            "Priority_Valid": "29CD5D78E16F4D82916C3E933A600096",
            "Priority": "3",
            "ProfileFullName": "Gary Jenkins",
            "ProfileLink_Category": "Employee",
            "ProfileLink_RecID": "F7177FFB09B44D159B1ADE379A5D1BC7",
            "ProfileLink": "F7177FFB09B44D159B1ADE379A5D1BC7",
            "RecId": "1B261B1112714F16A0AC32ADD656E380",
            "Resolution": "None",
            "Service_Valid": "A912E98E55844765934A787FF3586F34",
            "Service": "Service Desk",
            "SLA": "",
            "SLALink_Category": null,
            "SLALink_RecID": null,
            "SLALink": null,
            "Source_Valid": "EF789CE160E742F99623DBB4D29C045C",
            "Source": "Phone",
            "Status_Valid": "D562C1C0DF4742CB8D60276059C3B828",
            "Status": "Resolved",
            "Subject": "Netskope CE alert: CE Log",
            "Symptom": "Alert ID: 660f9f3cc7f5d74ff884d87b
App: Cloud Exchange
Alert Name: CE Log
Alert Type: Log
App Category: CE
User: ",
            "Urgency_Valid": null,
            "Urgency": null,
            "LoginId": "gjenkins@netskope.com",
            "Owner_Valid": "FB884D18F7B746A0992880F2DFFE749C",
            "Owner": "Admin",
            "OwnerTeam_Valid": "2E4BABD54FB9420D94F836F0D9B80C47",
            "OwnerTeam": "Service Desk",
            "OwnerType": "Employee",
            "IsNewRecord": false,
            "AlternateContactLink_Category": null,
            "AlternateContactLink_RecID": null,
            "AlternateContactLink": null,
            "ResolvedDateTime": "2024-04-05T08:29:07Z",
            "ResolvedBy": "gjenkins@netskope.com",
            "HoursOfOperation_Valid": "FF57246B2E0047D193C1AEC1011D746B",
            "HoursOfOperation": "Weekly HOP",
            "OwnerEmail": "admin@saasitdemo.com",
            "OwnerTeamEmail": "change@example.com",
            "OwnershipAssignmentEmail": "change@example.com",
            "CustomerLocation_Valid": null,
            "CustomerLocation": null,
            "IsReportedByAlternateContact": false,
            "ResolutionEscLink_Category": "Frs_data_escalation_watch",
            "ResolutionEscLink_RecID": "AE123197807D419CA87020B37249A1B7",
            "ResolutionEscLink": "AE123197807D419CA87020B37249A1B7",
            "ResponseEscLink_Category": "Frs_data_escalation_watch",
            "ResponseEscLink_RecID": "78B7171E0F564057BAED0C074E4996BD",
            "ResponseEscLink": "78B7171E0F564057BAED0C074E4996BD",
            "WaitingEscLink_Category": "Frs_data_escalation_watch",
            "WaitingEscLink_RecID": "EDFE3DABC0324A92845CAA0CD59E7060",
            "WaitingEscLink": "EDFE3DABC0324A92845CAA0CD59E7060",
            "ClosingEscLink_Category": "Frs_data_escalation_watch",
            "ClosingEscLink_RecID": "A735155654E3423A844284B07C362FED",
            "ClosingEscLink": "A735155654E3423A844284B07C362FED",
            "AlternateContactEmail": null,
            "OrganizationUnitID": "Default",
            "ReportingOrgUnitID_Valid": "978ABB09369944C1991468FC458F488E",
            "ReportingOrgUnitID": "Default",
            "TypeOfIncident": "Failure",
            "AlternateContactPhone": null,
            "TeamManagerEmail": "change@example.com",
            "ProblemLink_Category": null,
            "ProblemLink_RecID": null,
            "ProblemLink": null,
            "CustomerDepartment": null,
            "ActualService_Valid": "A912E98E55844765934A787FF3586F34",
            "ActualService": "Service Desk",
            "CostPerMinute_Currency": "USD",
            "CostPerMinute_CurrencyValid": null,
            "CostPerMinute": "0.4000",
            "IsInFinalState": false,
            "IsReclassifiedForResolution": false,
            "KnowledgeLink_Category": null,
            "KnowledgeLink_RecID": null,
            "KnowledgeLink": null,
            "PreviousState": null,
            "ResolvedByIncidentNumber": null,
            "TotalTimeSpent": 0.00,
            "RespondedBy": "gjenkins@netskope.com",
            "RespondedDateTime": "2024-04-05T07:09:45Z",
            "OrgUnitLink_Category": "OrganizationalUnit",
            "OrgUnitLink_RecID": "978ABB09369944C1991468FC458F488E",
            "OrgUnitLink": "978ABB09369944C1991468FC458F488E",
            "OwningOrgUnitId_Valid": "4A05123D660F408997A4FEE714DAD111",
            "OwningOrgUnitId": "GMI",
            "ProgressBarPosition": "4",
            "ResolvedByType": "Agent",
            "ReportedBy": null,
            "NewNotes": null,
            "CreatedByType": "Web Client",
            "SLADisplayText": "",
            "ServiceReqLink_Category": null,
            "ServiceReqLink_RecID": null,
            "ServiceReqLink": null,
            "ReadOnly": false,
            "Cost_Currency": "USD",
            "Cost_CurrencyValid": null,
            "Cost": "0.0000",
            "IncidentDetailWorkflowTag": null,
            "IncidentDetailSummary": null,
            "IsApprovalNeeded": false,
            "Approver_Valid": null,
            "Approver": null,
            "IsDSMTaskExisted": false,
            "ApprovalStatus": null,
            "SocialTextHeader": "Incident 76947: Netskope CE alert: CE Log",
            "Subcategory_Valid": null,
            "Subcategory": null,
            "helpdesk_Priority_Valid": null,
            "helpdesk_Priority": null,
            "ViewType": null,
            "IncidentNetworkUserName": "gjenkins@netskope.com",
            "SendSurveyNotification": true,
            "EntityLink_Category": "OrganizationalUnit",
            "EntityLink_RecID": "978ABB09369944C1991468FC458F488E",
            "EntityLink": "978ABB09369944C1991468FC458F488E",
            "EventCIRecId": null,
            "IsMasterIncident": false,
            "IsResolvedByMaster": false,
            "MasterIncidentLink_Category": null,
            "MasterIncidentLink_RecID": null,
            "MasterIncidentLink": null,
            "ServiceOwnerEmail": "admin@saasitdemo.com",
            "IsRelatedIncidentUpdate": false,
             "ivnt_UpdateRFI": "Chat Incident(s)",
            "AddChatconversationtoActivityHistory": false,
            "ivnt_TeamsUserDetailsLink_Category": null,
            "ivnt_TeamsUserDetailsLink_RecID": null,
            "ivnt_TeamsUserDetailsLink": null,
            "VirimaAssetID": null,
            "RecommendedCategory": null,
            "RecommendedService": null,
            "RecommendedSubCategory": null,
            "Accuracy": null,
            "GRCRiskLink_RecID": null,
            "GRCRiskLink": null,
            "TestField": null,
        }
    ]
}
Performance Matrix

These readings are collected on a Large CE Stack with below-mentioned specifications by running the plugin for a few hours in order to create a ticket/incident.

Stack details Size: Large
RAM: 32 GB
CPU: 16 Cores
Ticket/Incidents created on Ivanti ~110 per minute
User Agent

netskope-ce-5.0.1-cto-ivanti-v1.0.0

Workflow

  1. Create a User Role.
  2. Get an API Key.
  3. Fetch an Employee Record ID (Rec ID).
  4. Create a Custom Field.
  5. Configure the Ivanti plugin.
  6. Configure a Business Rule.
  7. Configure a Queue.
  8. Validate the plugin.

Click play to watch a video.

 

Create a User Role on Ivanti

  1. Log in to your Ivanti platform and go to Settings > Users and Permissions > Roles.
  2. Click Add New.
  3. Under Role Details, enter a Role and a Display Name.

    Note

    The name entered in the Role tab will be used as the internal Role name in the plugin configuration.

  4. Go to the next tab Top Level Tabs and click Add New Tab. Select Object Workspace.
  5. Enter the name example incident, select Incident in Object, and select IncidentLayout.ServiceDesk in Layout.
  6. Click Add this Tab and move to next tab, Object Permissions. Provide the required permissions.

    Note

    The permission mentioned here is for the default mapping, the permission for business objects may vary if the fields were changed.

  7. Click Save.

    Note

    Use this Role to create an API Key, as well as Creating an Employee.

Get an API Key

  1. Go to the Settings > Security Controls > API Keys.
  2. Select Key groups for which you want to create an API Key.
  3. Click Add API Keys and enter the API Key description. Select the user for which the Key is to be created (the previously created User Role) and click Save. Move back to the previous tab. The API Key will be created to be used in the plugin configuration.

Fetch the Employee Record ID (Rec ID)

  1. To fetch the Employee Record ID, go to More > Employee.
  2. From the All dropdown list, select New Saved Search.
  3. Filter the employee name based on their display name, along with a filter where their record ID is not empty, as shown below. You will see the RecID column. Copy the RecID for your user to use it in the plugin configuration.

Create a Custom Field

  1. Go to Settings > Business Objects > Incidents > Fields and click Add New Field.
  2. Select the Type of field you want to create from the options shown below.
  3. Enter a Field Name, Display Name, and Field Attributes.
  4. Click Add This Field, and then click Save. The field will be added.

    Note

    The custom field added on Ivanti takes a few hours to reflect in Cloud Exchange. After the fields is reflected, it can be seen in the Target Fields in the Queue configuration.

Configure the Ivanti Plugin

  1. Log in to Cloud Exchange and go to Settings > Plugins. Search for and select the CTO Ivanti plugin box to configure the plugin.
  2. Enter a Configuration Name and change the Sync Interval as per your requirement. Click Next.
  3. Enter these parameters and click Next:
    • Ivanti Tenant URL: Platform URL for your Ivanti
    • Authentication Method: Select the type of Authentication method you want to use. Basic Authentication (using Username and Password of Ivanti) and API Key Authentication using API Generated from Ivanti (as shown in above steps)
    • Employee Record ID (RecID): Employee Record ID of the user.

  4. For Authentication Method as Basic Authentication, enter these parameters:
    • Username: User of your Ivanti platform.
    • Password: Password associated with the user for Ivanti.
    • Ivanti User Role: Internal User Role name assigned to Ivanti User.

  5. If you have selected the API Key Authentication Method, provide the below details:
    • API Key: API Key created previously for the user.

  6. Click Save.

Configure a Ticket Orchestrator Business Rule for the Ivanti Plugin

Create a business rule based on the filters you need to generate incidents/tickets in the Ivanti plugin.

  1. In Ticket Orchestrator, select Business Rules.
  2. Click Create New Rule.
  3. Enter an appropriate Rule Name in the text box, and build the appropriate filter query condition on the field(s) for the business rule. You can also type the query manually by pressing the Filter Query button.
  4. Click Save.
  5. To test the newly created business rule, click Sync, enter the Time period (in days), and click Fetch. This will show the number of alerts that are eligible for incident/ticket creation.

Configure a Ticket Orchestrator Queue for the Ivanti Plugin

  1. In Ticket Orchestrator, select Queues.
  2. Click Add Queue Configuration, and select your Business Rule, your Ivanti plugin (Configuration), and queue from the dropdown.

  3. Click Save, and the sync the queue (if you already have the alerts pulled).

    Note

    If you want to use any other field visible on Ivanti when the incident is created, it is expected to add its value as a part of the Custom Message. Make sure to provide only supported values for the field, or else the value won’t be reflected when the incident is created.

Validate the Ivanti Plugin

Validate on Netskope CE

To validate the incident creation, update and sync in Cloud Exchange, and then go to Logging and filter tickets created by CTO Ivanti.



Go to Ticket Orchestrator > Tickets and check the created tickets along with their synced status.

Validate on Ivanti

To validate the ticket creation, update and sync on Ivanti:

  1. On the Ivanti platform, go to Incidents. All incidents that are created will be listed on the Incidents page.


Troubleshooting

Unable to generate tickets/incidents on Ivanti

Incidents can fail to be created on a platform due to one of the following reasons

  • No alerts are available in CE or no new alerts are pulled.
  • Business Rule has no alerts filtered.
  • Sufficient Role are not added.

What to do: Find the root cause from above and select the best fit resolution.

No alerts are available in CE or no new alerts are pulled
  • Check if the alerts are pulled from the CTO Netskope plugin, if no alerts are available the incident/ticket won’t be created.
  • If the alerts are present and the queue was added, it might be possible that new alerts are not available to create the incidents, so manually sync the queue in order to create the tickets.

Business Rule has no alerts filtered

Check the business and test it to confirm if it has any alerts filtered. If no alerts are available in the filtering, update the business rule.

Sufficient Role are not added

Check the Roles added for the plugin.

Receiving an error while creating the incident

If the default fields are removed from the queue configuration, and or any custom field added by the user is not added in the queue, you will receive this error while trying to create the incident.



What to do:
Identify the custom added mandatory field and add the same field with its expected value in queue configuration. If no custom mandatory field is added, check the default value added in the queue. The queue configuration should have Subject, Symptom, Status fields added.

Note

Incidents will only be created with status value as Logged.

Receiving an error when a custom field is deleted on Ivanti

If you have added a custom field for creating the incidents and later on deleted the field, you might run into the 500 Internal Server error while creating incidents, or 204 No Content error while configuring the plugin configuration.

What to do:
If you have recently deleted any custom field, create the same field again or Contact the Ivanti team for further help.

Unable to see the custom field added in the incident

When a customer field is created on Ivanti and used in the queue configuration for creating the incident, the field will be mapped from Netskope CE but won’t be reflected on Ivanti when the incident is created. This is because the custom fields are not displayed in the default incident schema on Ivanti.
What to do: To check the custom added field mapped in the incident, use the custom field in the queue configuration and add some custom message or field to it. Once done, sync the queue to create the incident. Copy the reference ID generated from the Tickets page on CE, and use the below API endpoint to find the API response for the given incident. The custom field along with its value will be added in the incident.
API Endpoint: https://<iavnti_base_url>/api/odata/businessobject/incidents(<incident Reference ID>)

Limitation

The Ivanti platform has a rate limit of 100,000 API calls for 24 hours duration.Hence, if the plugin reaches the limit, it will have 3 retries with default time of 60 seconds and raise an exception in the end.

Reference doc:
https://forums.ivanti.com/s/article/When-performing-HTTP-calls-I-get-the-message-API-rate-limits-exceeded-for-this-interval?language=en_US

Share this Doc

Ivanti Plugin for Ticket Orchestrator

Or copy link

In this topic ...