Hi my Friend

Think of the MID Server as a secure messenger, not the brain.

It does not decide what an event is or what to do with it. Its only job is to receive or fetch events inside your network and pass them to ServiceNow.

How events actually get into ServiceNow

SolarWinds → MID Server → ServiceNow Event Management

1. SolarWinds detects an issue

   • A device goes down, threshold breached, service degraded, etc.

2. SolarWinds sends or exposes the event

   • Either pushes it (SNMP traps / API calls)

   • Or ServiceNow pulls it using a SolarWinds connector

3. MID Server

   • Listens for those events or runs the connector

   • Securely forwards the raw event data to ServiceNow

4. ServiceNow Event Management

   • Stores the event

   • Applies Event Rules

   • Creates or updates alerts

   • Handles correlation, CI mapping, and incident creation

What you need to configure in ServiceNow

• How events are collected (SolarWinds connector or SNMP traps)

• A connector or listener tied to the MID Server

• Event Rules (this is where most issues usually are)

Important clarification

If SolarWinds is creating incidents directly, that’s not Event Management.
True Event Management means events → alerts → correlation → incidents.

Bottom line:
The MID Server is just the delivery truck.
ServiceNow Event Management decides what the event means and what happens next.

@csatish - Please mark Accepted Solution and Thumbs Up if you found Helpful!!