ServiceNow Integration

A ServiceNow integration with Cloudhouse Guardian (Guardian) allows you to automatically create ServiceNow records after certain events take place. For example, in the event of a failed scan, you can configure this as an Action that automatically creates a ServiceNow record every time a scan fails in your Guardian instance. A ServiceNow record is a specific type of catalog item that can display a variety of details for change requests or incident records. Creating ServiceNow records allows you to identify changes, assess risks, and take action on problematic issues.

Integrating your Guardian instance with ServiceNow has the additional benefit of enabling the Automated Change Reconciliation functionality, a streamlined automation process to manage ServiceNow's change requests while providing comprehensive validation checks of changes. For more information, see ServiceNow Automated Change Reconciliation. This functionality was introduced in the July 2024 Quarterly Release.

This topic describes the steps you need to complete to set up a ServiceNow integration with Guardian.

Note: This topic focuses on setting up the ServiceNow integration. If you've already set up the integration and want to configure ServiceNow actions, see Action: Create a Record in ServiceNow.

Dependencies

To add a ServiceNow integration, a ServiceNow account is required. This could be an existing user account, but we recommend setting up a brand new user account named 'Guardian' for easier identification.

Add a ServiceNow Integration

Integrating ServiceNow with Guardian establishes a seamless connection to automatically create ServiceNow records after certain events take place.

To add a ServiceNow integration to Guardian, complete the following:

  1. In the Guardian web application, navigate to the Integrations tab (Control > Integrations) and click Add Integration. The Add Integration page is displayed.

  2. Select ServiceNow from the list of available integrations. Here, you are required to complete the following options:

    Instance URL field – The unique URL of your company’s ServiceNow instance. For example, https://yourcompany.service-now.com.

    Username field – The username of the ServiceNow account to connect to your instance.

    Password field – The password for the corresponding username.

    Note: If you are editing an existing integration and the password hasn't changed, you can leave this field blank.

    Change Request Filter (optional) field – Option to add a ServiceNow query to filter the change records Guardian syncs. By default, the 'approval=approved' query is used to sync all approved changes. However, you can use a different query to filter your ServiceNow change records. For example, 'state=in_progress' syncs change records that are 'In Progress'.

    Incident Filter (optional) field – Option to add a ServiceNow query to filter the incident records Guardian syncs. By default, the 'priority<=3' query is used to sync all incident records where the priority is less than or equal to '3'. However, you can use a different query to filter your ServiceNow incident records. For example, 'state=closed' syncs incident records that are 'Closed'.

    Node Name Exclusion (optional) field – Option to exclude certain nodes from Guardian. Any nodes listed here will not be detected during scans. The node names entered should be in a comma-separated list with no spaces. For example, 'nodename1,nodename2,nodename3'.

    Scans CIs (nodes) on Work End checkbox – Option to scan any nodes that are impacted by a change request. If selected, the scanned nodes are tagged with the change request ID allowing Guardian to compare impacted nodes to the change request's implementation work and provide policy compliance. For more information, see .

    Enable Verbose Logging (not recommended) checkbox – Option to enable verbose integration logging. If selected, Guardian will collect extra information for troubleshooting purposes.

    Note: This option is only recommended for troubleshooting purposes.

    Validate Change checkbox – Option to only look at the nodes impacted by a change request during the post-implementation stage and check that:

    • A policy in Guardian that is named with the corresponding change request ID is passing.

    • The node in fact changed when it was meant to.

    Warning: Guardian will only validate whether a change request is in compliance with a policy, if the policy name in Guardian matches the change request ID. For more information, see .

    Detect Unauthorized Change checkbox – Option to detect changes that occur on nodes that don't match up with the change request in ServiceNow. If selected, the following options are displayed:

    • Select applicable environments checkboxes – The list of environments in your Guardian instance. Select the environment(s) you want to detect the change request records in.

    • Unauthorized Change Request Window field – The number of hours Guardian will check back to look for related change request records.

    • Unauthorized Change Request Filter (optional) field – Option to add a ServiceNow query to filter the change records synced by Guardian.

    • Check Change Tasks for Work Start Time checkbox – Option to detect ServiceNow sub-tasks linked to change requests. If selected, Guardian looks at all ServiceNow sub-tasks as well as regular tasks.

    Note: Options for detecting nodes using a ServiceNow integration can be found in the Job Schedule tab (Control > Job Schedule). For more information, see Synchronize Nodes – Job Type.

  3. Once you have set the correct values for each of the options displayed, click Done to create the ServiceNow integration.

If successful, a confirmation message is displayed and the ServiceNow integration is added to the Integrations tab of your Guardian instance. If unsuccessful, an error message is displayed. Use the information displayed in the error message(s) to troubleshoot the values in your ServiceNow Integration options.

Troubleshooting

If you are experiencing issues with your integration, try the following:

  • Verify that the values supplied for the integration are correct.

  • To confirm the status of the integration sync, check the integration sync event in the Events tab (Control > Events) of your Guardian instance. For more information, see Events.
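
The first troubleshooting step, verifying the supplied values, can be scripted before the values are entered. The following Python is an added example, not part of Guardian or its documentation: the function names are hypothetical, the https-only rule is an assumption of this check, and the Table API URL assumes the filter fields accept the same encoded queries as ServiceNow's sysparm_query parameter.

```python
from urllib.parse import urlencode, urlsplit

# ServiceNow tables the two filter fields apply to (assumption: standard table names).
FILTER_TABLES = {"change": "change_request", "incident": "incident"}

def check_instance_url(url):
    """Return problems found in the Instance URL value (empty list means OK)."""
    parts = urlsplit(url.strip())
    problems = []
    if parts.scheme != "https":
        problems.append("use https: the account password is sent to this URL")
    if not parts.hostname:
        problems.append("no host name")
    if parts.username or parts.password:
        problems.append("credentials belong in the Username and Password fields")
    if parts.path not in ("", "/") or parts.query or parts.fragment:
        problems.append("expected the bare instance URL, without path or query")
    return problems

def check_node_exclusions(value):
    """Return problems in a Node Name Exclusion value: comma-separated, no spaces."""
    problems = []
    for name in value.split(",") if value else []:
        if name == "":
            problems.append("empty entry (doubled or trailing comma)")
        elif any(ch.isspace() for ch in name):
            problems.append(f"whitespace in entry {name!r}")
    return problems

def filter_test_url(instance_url, kind, query):
    """Build a Table API URL returning at most one record that matches query."""
    table = FILTER_TABLES[kind]  # KeyError for anything but 'change' or 'incident'
    params = urlencode({"sysparm_query": query, "sysparm_limit": 1,
                        "sysparm_fields": "number"})
    return f"{instance_url.rstrip('/')}/api/now/table/{table}?{params}"

if __name__ == "__main__":
    # Constructed sample values; the URL and queries are the examples from this page.
    url = "https://yourcompany.service-now.com"
    print(check_instance_url(url))
    print(check_node_exclusions("nodename1, nodename2,"))
    print(filter_test_url(url, "change", "approval=approved"))
    print(filter_test_url(url, "incident", "priority<=3"))
```

Requesting the generated URL with the integration account's credentials confirms that the account can read the table and that the filter matches at least one record.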