Event Management Mapping

Krischan
Giga Guru

Hey people,

I've got an issue with Event Management intakes.

I'm getting events from a monitoring source and for some (Critical) events it all seems to work fine. The events are coming in, the severity is mapped to Critical and alerts are being created. However, when the raw event indicates "HIGH" as severity, the event in the event table shows: "1.0". I have no clue where this might be coming from. I tried the field mapping matrix already, I played around with other fields, it just won't do it.

Any idea what can be done here? Again, for criticals it works fine.

2 ACCEPTED SOLUTIONS

Hi Harsh,

It's the OOB connector for Event Management. The New Relic part in particular.

We have figured it out in the meantime. The issue is in the push-connector script.

From what I've discussed with the ServiceNow devs, this will be solved in a future update.

As I mentioned, the key is in the push connector script. That one determines what happens to the raw JSON coming in to ServiceNow. 

The older version of New Relic didn't, e.g., have a lot of values on the severity. Look into the script around line 25 or so. You can simply add your missing New Relic severity values. Obviously this makes you owner of the script, so be aware that in future updates this will absolutely need to be reverted once ServiceNow has fixed the issue.

4 REPLIES

Harsh3
Kilo Guru

Please tell me how this event is being created.
I mean, by which integration (REST API, connector)?

M_A
Tera Contributor

Hi @Krischan,

Thanks for this information. Please could you advise whether and how you fixed this manually prior to SN's future update?

Thanks
