- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
02-02-2021 05:56 AM
Hello,
I am testing Datadog event integration with ServiceNow. I am able to get a Datadog event to create a ServiceNow event and then an alert, but I can't get it to turn into an Incident no matter what I do.
In the Alert Management Rule, I created a rule to match with Alert generated from Datadog, the rule as follow:
1. has highest priority (lowest order) compared to all other
2. only have one matching condition, which is source = Datadog
3. In the preview, it shows there are records that matches the rule
4. When I create incident manually from the same Datadog alerts, it works fine.
Please see screenshots and let me know what I am missing?
Thank you,!
Solved! Go to Solution.
- Labels:
-
Event Management
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
12-02-2021 10:36 AM
I have found the solution. It was severity value supplied by Datadog not matching up with what ServiceNow was expecting. The solution was to correct map the severity using the Event Field Mapping. Thank you all for responding!
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
02-04-2021 08:48 AM
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
02-02-2021 10:50 AM
While it may not be ideal, I've noticed that the "new" Flows are not setup very well OOB. So I am using the "legacy"option of using Task Templates to create Incident or Task records from the Alert Management Rules.
You will need to modify the Alert Info tab to display the following two fields:
Task Template
Task Type
Then on the Actions tab, set the Remediation Subflows to "Create Task (legacy)". Of course, don't forget to populate all the required fields/values on the template.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
02-02-2021 12:18 PM
Hey Ian, I don't see a way to associate AMR with Task Templates, can you elaborate? How do you invoke a task template from the AMR actions as it only allow Workflows,Subflows, and Launch application?
Minh
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
02-02-2021 12:33 PM
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
02-03-2021 05:25 AM
Other than this, I've been trying to remember all the details of a conversation I had with a HI tech. It was something along the lines of the "new" OOB Flows for creating Incidents are provided as templates and rather than modify them, it is suggested you clone them and create your own working versions from the clones.
