As more and more companies are adopting AIOps as a mode of operation for handling monitoring data and operational issues, I'm often asked what we provide out of the box and what are other customers doing. The ServiceNow event management module provides the perfect platform for facilitating such a practice and operating environment, but we do not yet have extensive out of the box automation routines that interact with customer infrastructure (we do have them for performing many activities on the platform like creating a major incident or customer case, etc).
To that end I created a couple of IntegrationHub spokes for performing common Windows and Linux server troubleshooting steps. In addition, I created a number of subflows that can be easily added to alert management rules to allow operators triaging alerts to perform routine tasks without having to leave the ServiceNow environment. Some of the spoke actions are specific to the type of Linux OS, so it is very likely you would need to copy them into a new action and change the OS specific commands (RedHat EL vs Ubuntu, etc).
Here is a look at the different pieces.
Linux admin spoke
Windows admin spoke
Subflows for Alert Handling
Many of these flows simply retrieve data and add to the work notes of an alert as shown below.
Alert updated with useful information
For actions that do more invasive actions like killing a process or restarting a service, the "Resource" attribute of the Alert needs to be updated with the parameter of what resource to act on (like the PID of the process or name or the service, etc).
Use the Resource field to act on specific services or processes
If you are interested in using these spokes and subflows, you can import them from Studio using the following Github repositories:
https://github.com/texasnick/linux-admin-spoke
https://github.com/texasnick/windows-admin-spoke
https://github.com/texasnick/aiops-subflows
The spokes use PowerShell and SSH protocols which require at least IntegrationHub Professional to be entitled on your instance. You can fork these repos into your own and add more content as needed for your environment, but hopefully this provides a solid framework from which to start. If you have other useful suggestions on content, please share and I can continue building in to these apps.
