ServiceNow v1.0.0 Plugin for Risk Exchange
ServiceNow v1.0.0 Plugin for Risk Exchange
This document explains how to configure the ServiceNow v1.0.0 plugin with the Risk Exchange module of the Netskope Cloud Exchange platform. This plugin supports performing the Share application data action to the User Administration > Companies page of the ServiceNow platform. The plugin does not support fetching Application data from the ServiceNow platform.
Prerequisites
To complete this integration, you need:
- A Netskope tenant (or multiple, for example, production and development/test instances).
- A Netskope Cloud Exchange tenant with the Tenant plugin and Risk Exchange module already configured.
- A Secure Web Gateway subscription for URL sharing.
- ServiceNow instance with user_admin access
- Connectivity to the following host: https://<instanceid>.service-now.com/
CE Version Compatibility
Netskope CE v5.1.0
ServiceNow v1.0.0 Plugin Support
Type of data pulled | Not Supported |
Actions Supported |
|
Mappings
Push Mapping
The following message will be added to the ‘notes’ field of the ‘core_company’ table on the ServiceNow platform.
[Netskope CE] Last shared at: <sharing_time> Application Name: <application_name>, Cloud Confidence Index: <cci>, CCL: <ccl>, Category Name: <category_name>, Deep Link: <deep_link> |
The following Application Fields are shared:
Applications Fields |
---|
Application Name |
CCI |
CCL |
Category Name |
Deep Link |
Permissions
Refer to ServiceNow user creation for creating a user and adding roles. This user_admin role is required for the ServiceNow plugin configuration and data sharing.
API Details
List of APIs Used
API Endpoint | Method | Use Case |
---|---|---|
/api/now/table/core_company | GET | Fetch vendors(companies) |
/api/now/table/core_company | PATCH | Send data to ServiceNow vendors |
Fetch Vendors (Companies)
API Endpoint: <Base URL>/api/now/table/core_company
Method: GET
Parameters:
Key | Value |
---|---|
sysparm_limit | 1 |
sysparm_offset | 0 |
sysparm_query | name=Google^ORparent.name=Alphabet |
sysparm_fields | sys_id,notes,name |
Headers:
Key | Value |
---|---|
User-Agent | netskope-ce-5.1.0-cre-servicenow-v1.0.0 |
Authorization | Basic <username:password> |
Sample API Response (Status Code 200):
{ "result": [ { "sys_id": "ab5c6112284002ad28549a", "notes": "", "name": "Google" } ] }
Send Data to ServiceNow Vendors
API Endpoint: <Base URL>/api/now/table/core_company/<sys_id>
Method: PATCH
Headers:
Key | Value |
---|---|
User-Agent | netskope-ce-5.1.0-cre-servicenow-v1.0.0 |
Authorization | Basic <username:password> |
Body:
{ "notes": "<<Application data to send>>" }
Sample API Response (Status Code 200):
{ "result": { "banner_image_light": "", "country": "USA", "parent": "", "notes": "<>", "city": "Mountain View", "stock_symbol": "Goog", "latitude": "", "discount": "", "sys_updated_on": "2022-09-30 06:44:43", "sys_class_name": "core_company", "manufacturer": "true", "apple_icon": "", "sys_id": "ab5c6112284002ad28549a", "market_cap": "0", "sys_updated_by": "", "num_employees": "53891", "fiscal_year": "", "rank_tier": "valued", "street": "1600 Amphitheatre Parkway", "sys_created_on": "2005-09-21 21:54:10", "vendor": "true", "contact": "", "lat_long_error": "2: find this", "stock_price": "", "theme": "", "banner_image": "", "state": "94043", "sys_created_by": "system", "longitude": "", "vendor_type": "", "zip": "CA", "profits": "0", "revenue_per_year": "0", "website": "www.google.com", "publicly_traded": "false", "sys_mod_count": "29", "sys_tags": "", "fax_phone": "", "phone": "(650) 253-0000", "vendor_manager": "", "banner_text": "", "name": "Google", "coordinates_retrieved_on": "", "customer": "false", "primary": "false" } }
Performance Matrix
These performance readings are conducted on a Large CE Stack with these VM specifications by sharing the application details of 1000 apps/companies to ServiceNow.
Stack details | Size: Large RAM: 32 GB CPU: 16 Cores |
Companies/Application data shared to ServiceNow | 1000 |
Time take to share the Companies/Application data | ~4 mins |
User Agent
netskope-ce-5.1.0-cre-servicenow-v1.0.0
Workflow
- Creating a User on the ServiceNow platform.
- Adding Permissions to the created user.
- Configure the ServiceNow plugin.
- Add a Risk Exchange Business Rule for ServiceNow.
- Add Risk Exchange Actions for ServiceNow.
- Validate the plugin.
Click play to watch a video.
Create a User on the ServiceNow Platform
- Log in to ServiceNow.
- Go to System Security > Users and Groups > Users.
- Click New.
- Enter the required information and make note of the User ID. Click Submit.
- After submitting the user, open the user record to set the password and roles. When finished, click Set Password.
- Click Generate to create a new password. Make note of the password.
- Click Save Password.
Adding Permissions to the User
- Click on the Roles tab and then Edit.
- Add the user_admin role. Click Save.
Configure the ServiceNow Plugin
- Log in to Cloud Exchange and go to Settings > Plugins. Search for and select the ServiceNow v1.0.0 plugin box.
- Enter a Configuration Name, Sync Interval, and enable/disable the proxy toggle button based on your proxy configuration.
- Click Next and enter the Configuration Parameters:
- Instance URL: URL of your ServiceNow instance.
- Username: Username associated with the ServiceNow instance.
- Password: Password associated with the username for your ServiceNow instance.
- Click Next and then Save.
Add a Risk Exchange Business Rule for ServiceNow
- In Risk Exchange, go to Business Rules. Click Create New Rule.
- Enter a Rule Name. Select the Entity for which Fields have been configured for the Applications that you need to perform the action, and configure the query based on your requirements.
- Click Save.
Add Risk Exchange Actions for ServiceNow
The ServiceNow plugin supports the Share Application Data and the No Action action on the applications pulled from Netskope or other third-party plugins.
Share Application Data
This action is used to share the application data pulled from Netskope or other third-party plugins to the ServiceNow instance. For the action to successfully perform it is mandatory for the application to be present on the ServiceNow instance.
Notes
- Companies (Company Name) available on ServiceNow can be identified by the field “Vendor” pulled from Netskope CRE Application.
- The Parent Company Name should be mapped considering that it will match the “Parent” on ServiceNow.
Follow these steps to configure the action in order to perform the ‘Share Application Data’ action:
- In Risk Exchange, go to Actions and click Add Action Configuration.
- Select your Business Rule, the plugin Configuration, and Action from their respective dropdowns.
- Enter the company name and/or parent company name, and then provide values for other fields whose details you want to share. Refer to the fields tooltip in order to know the expected value as Static or Source.
- Enable the Require Approval radio button if Approval is needed before performing action on the Applications.
- Click Save.
No Action
No action will be performed for this action. Users can generate UBA alerts in CTO by using this action and enabling the generate alerts toggle button.
Follow below steps to configure the action in order to perform the ‘No Action’ action:
- in User Risk Exchange, go to Actions and click Add Action Configuration.
- Select your Business Rule, plugin Configuration, and Action from their respective dropdowns.
- Enable the Require Approval radio button if Approval is needed before performing action on the Applications.
- Click Save.
Validate the ServiceNow Plugin
Validation on Cloud Exchange
Go to Logging to check the logs for the action performed on the application from the ServiceNow plugin.
Validate on ServiceNow
Go to User Administration > Companies. Select the Company shared with Cloud Exchange by searching for its name, and check the Notes added for the company to check the shared applications data.
Troubleshooting the ServiceNow Plugin
Unable to configure the CRE ServiceNow plugin
If user is unable to configure the CRE ServiceNow plugin, it could be due to one of these reasons:
- Incorrect credentials provided.
- User does not have required permissions.
- Incorrect instance URL provided.
To solve these issues, follow these steps:
- Make sure to provide the correct credentials.
- Make sure that the user has the required permissions.
- Make sure that the correct instance URL is provided.
Unable to share application on the ServiceNow platform
If applications are not getting shared to the CRE ServiceNow plugin, it could be due to one of these reasons:
- The condition provided while configuring the action is not matching.
- User does not have required permissions.
To solve these issues, follow these steps:
- Make sure to provide the correct condition that matches on the ServiceNow platform.
- Make sure that the user has the required permissions. Follow the steps, to provide a role to the user.