- Post History
- Subscribe to RSS Feed
- Mark as New
- Mark as Read
- Bookmark
- Subscribe
- Printer Friendly Page
- Report Inappropriate Content
on 02-18-2022 04:46 AM
Event Management – San Diego Features
Event Management is a key ITOM integration used by major organizations to manage events/alerts from various tools to triage and have visibility of these on the management dashboards. Actioning can be performed on the created alerts too e.g., creating incidents, performing RCA.
With the ever-growing platform features on ServiceNow with their every release, ServiceNow has introduced quite a few new features in the Event management space too.
Alert filters for automatic grouping
Create a filter for alert groups (Automated, CMDB, or Text) to exclude specific alerts from the group. Only alerts that match the configured filter are included in the group.
Changes: Alerts that do not contain a CI can be grouped together as text-based or pattern-based alert groups. To enable this functionality, set the ‘sa_analytics.enable_no_ci_grouping’ property to true. When working with pattern-based groups, ensure that the Feature Identifier includes both node and metric names.
Tag-based alert clustering engine
The tag-based alert clustering engine is a non-code method that defines alert correlations quickly, without dependency on CMDB topology or the ML learning cycle.
Changes: No major changes, documentation is updated a bit for procedures – https://docs.servicenow.com/bundle/sandiego-it-operations-management/page/product/event-management/t...
New feature: Exclude CI-based or CI class-based alerts and patterns when you encounter alerts incorrectly added to a learned pattern by the Learned Patterns job. For example, a pattern might include an alert that occurred at the same time as the other alerts in the pattern but is not actually related to those alerts.
Implement multiple API keys for a MID Server
Use API Keys to authenticate incoming requests from clients.
Changes:
Procedure for configuring the MID Web Server has changed between the versions, details on the procedure below -
Rome: https://docs.servicenow.com/bundle/rome-it-operations-management/page/product/event-management/task/...
San Diego: https://docs.servicenow.com/bundle/sandiego-it-operations-management/page/product/event-management/t...
Mutual authentication for MID Web Server
When using a MID Web Server, the server and client authenticate the certificates they present to each other. This method is known as mTLS (Mutual Transport Layer Security) authentication.
Changes:
The procedure for configuring the mTLS authentication for a MID server has changed between the versions, details on the procedure below -
Rome: https://docs.servicenow.com/bundle/rome-it-operations-management/page/product/event-management/task/...
San Diego: https://docs.servicenow.com/bundle/sandiego-it-operations-management/page/product/event-management/t...
Include alerts without a CI in pattern-based and text-based groups.
Changes: Alerts that do not contain a CI can be grouped together as text-based or pattern-based alert groups. To enable this functionality, set the sa_analytics.enable_no_ci_grouping property to true. When working with pattern-based groups, ensure that the Feature Identifier includes both node and metric names.
Event Management provides many connectors to pull or push events from external devices. New ones introduced along with San Diego are the below ones -
- MID push connector for GCP
- MID push connector for Azure
- Azure Bi-directional
- Logic Monitor
- Lightstep
- ThousandEyes
- Prometheus
- Oracle Cloud
List of all the connectors available OOB for event management https://docs.servicenow.com/bundle/sandiego-it-operations-management/page/product/event-management/r...l
If the article has helped you, please mark the answer as helpful. Also please share your feedback in the comments.
Thank you
Harneet
- 988 Views
