Fortinet black logo

ServiceNow Integration 2.0 User Guide

Home FortiAnalyzer 6.4.0 ServiceNow Integration 2.0 User Guide
6.4.0
7.0.0
6.4.0
6.2.3

Setting Up FortiAnalyzer

Setting Up FortiAnalyzer

Task

Description

Create or select an account to use for integration with the FortiAnalyzer Integration App.

Set up JSON-RPC read-write permission for the account.

The profile for this account requires read-write access to Incidents & Events/FortiSoC.

API calls from the app require the account to have JSON-RPC read-write permission.

Use CLI commands to set JSON-RPC permission:

config system admin user

edit servicenow_account

set rpc-permit read-write

end

For more information, see the FortiAnalyzer Administration Guide in the Fortinet Document Library.

Install a trusted, signed SSL certificate and CA certificate

ServiceNow requires a trusted, signed SSL certificate and CA certificate for secure API communication.

For more information, see the Certificates section in the FortiAnalyzer Administration Guide in the Fortinet Document Library.

Create a ServiceNow Fabric Connector in Fabric View.

You will use the Fabric Connector to send notifications to the FortiAnalyzer Integration App upon creation or update of incidents:

  • Get the ServiceNow API URL from the FortiAnalyzer Integration App > FortiAnalyzer System Properties.
  • Use the same credentials for the ServiceNow API account from the FortiAnalyzer System Properties > Connection to ServiceNow API section. See Set up the system properties.

For more information, see Creating or editing ITSM connectors section in the FortiAnalyzer Administration Guide in the Fortinet Document Library.

Enable incident notifications on FortiAnalyzer

This will notify the FortiAnalyzer Integration App when an incident is raised or updated on FortiAnalyzer.

Go to FortiSoC > Incidents > Settings to enable notifications.

For more information, see the following sections in the FortiAnalyzer Administration Guide in the Fortinet Document Library:

  • Creating or editing ITSM connectors
  • Configuring incident settings
Previous
Next

Setting Up FortiAnalyzer

Task

Description

Create or select an account to use for integration with the FortiAnalyzer Integration App.

Set up JSON-RPC read-write permission for the account.

The profile for this account requires read-write access to Incidents & Events/FortiSoC.

API calls from the app require the account to have JSON-RPC read-write permission.

Use CLI commands to set JSON-RPC permission:

config system admin user

edit servicenow_account

set rpc-permit read-write

end

For more information, see the FortiAnalyzer Administration Guide in the Fortinet Document Library.

Install a trusted, signed SSL certificate and CA certificate

ServiceNow requires a trusted, signed SSL certificate and CA certificate for secure API communication.

For more information, see the Certificates section in the FortiAnalyzer Administration Guide in the Fortinet Document Library.

Create a ServiceNow Fabric Connector in Fabric View.

You will use the Fabric Connector to send notifications to the FortiAnalyzer Integration App upon creation or update of incidents:

  • Get the ServiceNow API URL from the FortiAnalyzer Integration App > FortiAnalyzer System Properties.
  • Use the same credentials for the ServiceNow API account from the FortiAnalyzer System Properties > Connection to ServiceNow API section. See Set up the system properties.

For more information, see Creating or editing ITSM connectors section in the FortiAnalyzer Administration Guide in the Fortinet Document Library.

Enable incident notifications on FortiAnalyzer

This will notify the FortiAnalyzer Integration App when an incident is raised or updated on FortiAnalyzer.

Go to FortiSoC > Incidents > Settings to enable notifications.

For more information, see the following sections in the FortiAnalyzer Administration Guide in the Fortinet Document Library:

  • Creating or editing ITSM connectors
  • Configuring incident settings
Previous
Next