Powered by Zoomin Software. For more details please contactZoomin
We're aware of an issue causing "Access Denied" errors when using this site. This may occur because multiple tabs are in use. As a potential workaround, try using one single tab and refreshing the page. Thank you for your patience as we work to resolve the issue.
Vancouver IT Operations Management
Integrate Azure Monitor as an authenticated data source
The Vancouver release is no longer supported. As such, the product documentation and release notes are provided for informational purposes only, and will not be updated.
Integrate Microsoft Azure with Event Management by adding the
Azure Monitor as an authenticated data source.
You can configure the Event Management environment
for the collection of events from Azure Monitor by setting your Now Platform
instance as the rest endpoint.
Once the endpoint is configured, when an Azure Monitor alert
message arrives, Event Management:
Authenticates the Azure Monitor alert message with the relevant ServiceNow user, using OAuth configuration or a standard
webhook.
Extracts information from the original Azure Monitor alert message to populate
required event fields and inserts the event into the Now Platform
database.
Captures specified content in the Additional Information field
of the event form.
What authentication is used
There are two methods of authentication:
OAuth authentication: Provides enterprise-grade authentication to keep your enterprise
environment safe. Authentication is performed using Azure Monitor V1 or V2 access
tokens. For more information, see Integrate Azure Monitor with OAuth authentication.
Basic webhook authentication: Provides a basic standard of authentication, without the
need for Azure Active Directory. This authentication can be especially useful for
distributed small teams, such as SRE or DevOps teams. For more information, see Integrate Azure Monitor with basic authentication.
What to know before you begin
You can use your integrated Azure Monitor as a data source only after you have verified the
following:
For both methods of authentication, the relevant ServiceNow
sys_user is assigned the evt_mgmt_integration role.
The Event Management Connectors plugin is installed in the Now Platform instance. You can download the plugin from the ServiceNow Store website.
Azure Cloud Discovery must be performed to ensure that the created alerts are bound to
the configuration items in the Now Platform. For more information, see Azure Cloud Discovery.
Event Rules and Event Field mappings
These event rules and event field mappings are provided with the base system:
Module
Description
Event Rules
Azure Monitor: A general event rule to handle all Azure
Monitor events.
Event Field Mappings
Azure Monitor - ci_type: To map ci_type of events based
on resourceType field. A base set of mapping pairs are provided.
These are the mappings provided with the base system in Azure Monitor -
ci_type:Figure 1. Transform Value Pairs
Note: You can add new mapping pairs to the Event Field Mapping - Azure
Monitor - ci_type as per the requirement, to map events to the respective
ci_type based on resourceType.
If you want to send alert state changes on the ServiceNow instance from the ServiceNow alerts to
the Azure Portal, you need to enable the Azure Monitor Bi-directional connector. For more
information, see Configure Azure Monitor Bi-directional connector.
We use cookies on this site to improve your browsing experience, analyze individualized usage and website traffic, tailor content to your preferences, and make your interactions with our website more meaningful. To learn more about the cookies we use and how you can change your preferences, please read our Cookie Policy and visit our Cookie Preference Manager. By clicking “Accept and Proceed,” closing this banner or continuing to browse this site, you consent to the use of cookies.
