ServiceNow CMDB Integration

Description

The ExtraHop CMDB Integration for ServiceNow bundle enables you to send updates about all devices that are auto-discovered and auto-classified by your Discover appliance on your network to your ServiceNow CMDB.

The ExtraHop CMDB Connector relies on the ExtraHop REST API to query for recent device activity within the last 30 minutes. The CMDB Connector then transforms and formats this device and protocol activity into CMDB configuration items and sends batched requests through the IdentifyReconcile REST API to ServiceNow.

Bundle Contents

• (1) Alert
  • ServiceNow CMDB Integration Status
• (1) Application
  • ServiceNow CMDB
• (1) Dashboard
  • ServiceNow CMDB Integration
• (1) Trigger
  • ServiceNow CMDB Integration Status

Requirements

• An ExtraHop Discover appliance with firmware version 7.2 or newer.
  • A user account with unlimited privileges.
  • Open Data Context API (TCP only) enabled.
• A ServiceNow instance with version Kingston or newer.
  • Admin access to the ServiceNow instance.
• An Ubuntu 16.04 LTS or newer VM with the ServiceNow MID Server installed.
  • Sudo privileges.
  • The MID Server must be able to communicate with the Discover appliance and ServiceNow instance.
• A separate workstation with a recent version of Ansible installed to deploy the ExtraHop CMDB Connector to the MID Server.

Installation Instructions

Configure ServiceNow

Install the ExtraHop CMDB Integration on ServiceNow

1. Browse to the ExtraHop CMDB Integration on the ServiceNow App Store.

2. Click Get to download the application onto your ServiceNow instance.

3. Log in with your ServiceNow HI Service Portal account.

4. Select your entitlement option.

5. Accept the ServiceNow Store App Addendum and then click Get.

6. Click OK on the Buy Confirmation screen.

7. Log into your ServiceNow instance with administrator privileges.

8. In the left pane, click System Applications, and then click Applications.

9. In the Not Installed section, find the ExtraHop CMDB Integration application, and then click Install.

10. When the installation completes, click Close.

Create a dedicated user

You must create an ExtraHop user on your ServiceNow instance before the ExtraHop ServiceNow CMDB Integration can work with ServiceNow.

1. In the left pane, click System Security > Users & Groups > Users.

2. Click New.

3. Specify the following user settings:

   • User ID: extrahop
   • First Name: ExtraHop
   • Last Name: Integration
   • Password: Specify a password. This password is required when you deploy the ExtraHop CMDB Connector through Ansible.
   • Select the checkbox for Active.
   • Select the checkbox for Web service access only.

4. Click Submit.

5. Click on the new user extrahop.

6. On the Roles tab, click Edit.

7. Search for the following collections in the Collection list and click > to copy the collections to the Roles List.

   • asset
   • snc_platform_rest_api_access
   • web_service_admin
   • x_ehn_snow_cmdb.extrahop_discovered_devices_user

8. Click Save.

Add the ExtraHop CMDB Integration role to users

You must add a new role to each of your existing ServiceNow users that need access to the ExtraHop Discovered Devices data.

1. In the left pane, click System Security > Users & Groups > Users.

2. Click on a user that needs access.

3. On the Roles tab, click Edit.

4. Add the x_ehn_snow_cmdb.extrahop_discovered_devices_user role.

5. Click Save.

Add ExtraHop as a discovery source

You must add ExtraHop as a valid discovery source before the IdentifyReconcile REST API can properly accept the ExtraHop CMDB updates.

1. In the left pane, click System Definition, and then click Choice Lists.

2. Click New.

3. In the Table search drop-down list, type Configuration Item, and then select Configuration Item [cmdb_ci].

4. In the Element field, type discovery_source.

5. In the Label field, type ExtraHop

6. In the Value field, type ExtraHop

7. Click Submit.

Set up a MID Server

A guided setup is available from the ServiceNow menu that helps you configure and validate the server on your ServiceNow instance.

1. In the left pane, click Guided Setup, and then click ITOM Guided Setup.

2. Click Continue.

3. In the MID Server section, click Get Started.

   Note: You must install the MID Server on Ubuntu 16.04 LTS or newer with the following minimum requirements.

4. Complete the tasks in the guided setup to configure the MID Server.

Configure the ExtraHop Discover appliance

1. Log into the Admin UI on the Discover appliance.

2. Generate an API key for a designated user to enable requests to the ExtraHop REST API. Optionally, create a dedicated local user for API requests. Specify limited privileges, full read-only privileges, and no access, as shown in the following figure.

3. Enable Open Data Context with the default TCP port 11211.

Install the bundle

1. Download the bundle on this page.

2. Log into the ExtraHop Web UI.

3. Upload and apply the bundle.

   • Be sure to enable the ServiceNow CMDB Integration Status trigger.

Enable the trigger

After the bundle is applied, you must enable the trigger from the bundle.

1. Log into the Web UI on the Discover appliance

2. Click the System Settings icon .

3. Click Triggers.

4. In the list of triggers, find and select the checkbox next to the ServiceNow CMDB Integration Status trigger.

5. Click Enable.

Assign the alert

After the bundle is applied, you must assign the alert from the bundle to the ServiceNow application.

1. Log into the Web UI on the Discover appliance.

2. Click Metrics from the top menu.

3. Click Applications in the left pane.

4. Select the checkbox for ServiceNow CMDB.

5. Click the Assign Alert icon from the top of the page.

6. Select the checkbox for ServiceNow CMDB Integration Status.

7. Click Assign Alerts.

Configure the MID Server

Deploy the ExtraHop CMDB Connector

Before you begin

You must collect the following information to complete this procedure.

• The MID Server hostname or IP address
• The MID Server SSH credentials (sudo privileges required)
• The ServiceNow Instance hostname or IP address
• The ServiceNow Integration username and password
• The ExtraHop Discover hostname or IP address
• The API key generated for the ExtraHop REST API

1. Log into the control machine.

   Note: The control machine must have python 3.3 or later and meet these control machine requirements.

2. Install Ansible.

3. Download and extract the extrahop_cmdb_connector.zip file to a location on the control machine.

4. Open a terminal window and navigate to the folder where the file was extracted.

5. Run the following command to initiate the Ansible deployment:

   python3 install_cmdb_integration.py

6. Follow the installation prompts to deploy and configure the ExtraHop CMDB Connector.

   Note: Default responses are shown at the end of each prompt in brackets. For example, [extrahop]. Pressing ENTER accepts the default response.

7. When the installation completes you should see a result similar to the following figure.

   Note: In the event of an error, see the Troubleshooting section.

   The integration is installed and the ExtraHop Discovered Devices CMDB table is updated with new device information every 30 minutes.

Troubleshooting

Refer to the following tips and resources if you encounter any issues with the integration.

• If you entered incorrect configuration details during the interactive deployment, re-run the CMDB Connector script with Ansible.
• For MID Server issues, refer to the Troubleshooting a MID Server video or MID Server user connectivity issues reference.
• For Ansible issues, view the Network Debug and Troubleshooting Guide.
• If the MID Server returns an error message that it is unreachable during the Ansible deployment, verify the following information:
  • Ensure that the MID Server is running.
  • Ensure that you have connectivity to the MID Server over SSH from the control machine.
  • Ensure that the MID Server SSH username and password provided are correct.

• The ExtraHop CMDB Connector log file is located on the MID Server in the following location, for additional troubleshooting:

  /opt/extrahop/servicenow-cmdb/log/cmdb_connector.log