Welcome to Community Week 2025! Join us to learn, connect, and be recognized as we celebrate the spirit of Community and the power of AI. Get the details  

Notification on security_admin Role Elevation

Go to solution
SM24
Giga Guru

‎11-14-2024 01:29 PM

Hi all,

I have a requirement  to trigger a notification to a specific group whenever a user elevates their role to security_admin.

 

Details (OOTB) :

 

  • When a user elevates their role to security_admin, a record is generated in the sysevent table with the event name security.elevated_role.enabled.
  • In this event record:
    • parm1 contains the user ID of the user who elevated the role.
    • parm2 contains the value security_admin.

Steps I’ve Taken:

1. Created Notification:

  • I created a notification with the Send When condition set to "Event is fired" and selected security.elevated_role.enabled as the event.

2. Advanced Condition Script:

  • To ensure the notification only triggers when the elevated role is security_admin, I added the following script in the Advanced Condition section:

 

function elevated() {
    var sysEventGr = new GlideRecord('sysevent');
    sysEventGr.addQuery('sys_id', event.name.toString());
    sysEventGr.query();
    if (sysEventGr.next()) {
        if (sysEventGr.parm2 == "security_admin") {
            gs.print(sysEventGr.parm2);
            return true;
        }
    }
}

 

 

I expected this script to check the sysevent table record and confirm that parm2 equals security_admin and trigger the notification.

Issue:

  • Although this script works when run as a background script, the notification itself does not trigger as expected when the role is elevated.

Could anyone suggest a solution or identify what might be missing here to get the notification to trigger as expected? Thanks in advance.

 

Regards,

SM

 

 

0 Helpfuls
  • 1,273 Views
1 ACCEPTED SOLUTION

Go to solution
Sheldon  Swift
ServiceNow Employee
ServiceNow Employee

‎11-14-2024 02:39 PM

Hi @SM24 - I'm not sure your script will work as intended, but you can avoid the GlideRecord query altogether. Try this:

 

if (event.parm2 = 'security_admin') {
	answer = true;
} else {
	answer = false;
}

 

View solution in original post

0 Helpfuls
2 REPLIES 2

Go to solution
Sheldon  Swift
ServiceNow Employee
ServiceNow Employee

‎11-14-2024 02:39 PM

Hi @SM24 - I'm not sure your script will work as intended, but you can avoid the GlideRecord query altogether. Try this:

 

if (event.parm2 = 'security_admin') {
	answer = true;
} else {
	answer = false;
}

 

0 Helpfuls

Go to solution
AmolJ
Tera Expert

Saturday

If you require a notification based on a record created in sysevent table; I would recommend using the existing OOTB event in a script action and then calling a new custom event in the script action to trigger a custom notification.

You can use parm1 and parm2 from the OOTB event into the custom event in the script action. 

I have tried it and it works.

This way you don't need to worry about why a business rule is not triggering an event when a record is created in sysevent table.

0 Helpfuls