Health Log Analytics (Zurich): Ingest Power BI Activity Events via MID Server without Azure Log Anal

Pallavi37
ServiceNow Employee
ServiceNow Employee

4 hours ago

I’m looking for expert guidance on configuring ServiceNow Health Log Analytics (HLA) to ingest Power BI Activity Events directly into ServiceNow without using Azure Log Analytics, as Azure Log Analytics is disabled at the organization level and cannot be enabled.

 

Environment Details

  • ServiceNow Release: Zurich (latest patch 37.0.15)

  • Health Log Analytics Version: 37.0

  • MID Server: Installed, validated, and enabled for log ingestion

  • Azure Log Analytics: Not available / disabled at org level

  • Data Source: Power BI Admin Activity Events API
    https://api.powerbi.com/v1.0/myorg/admin/activityevents

What Is Already Configured

  • Health Log Analytics plugin is enabled

  • MID Server is configured and operational

  • Outbound REST Message created under:

    • System Web Services > Outbound > REST Message

  • OAuth authentication configured successfully

  • REST Message test returns HTTP 200 and valid Power BI activity event payload

Requirements

  • Pull Power BI Activity Events every 1 hour

  • Support incremental ingestion (delta/continuation-based)

  • Use MID Server for outbound API execution

  • Push data directly into ServiceNow Health Log Analytics

  • Azure Log Analytics must NOT be used

Guidance Requested

I’m looking for product-aligned, Zurich-supported guidance on:

  1. Ingestion Architecture

    • Supported methods to send external REST API log data into Health Log Analytics without Azure Log Analytics

    • Whether HLA supports direct ingestion from:

      • MID Server

      • Custom log sources

      • Scripted ingestion APIs or pipelines

  2. REST Message → HLA Integration

    • How to process REST Message responses and forward them to Health Log Analytics

    • Required data formats for HLA ingestion

    • Any parsers, log sources, or ingestion rules that must be created

  3. Incremental Log Collection

    • Recommended approach to track:

      • Last processed timestamp

      • Continuation tokens from Power BI API

    • Scheduling mechanism (Scheduled Script / Flow / Job)

  4. Health Log Analytics Configuration

    • Creating custom log sources (if supported)

    • Parsing and normalization of Power BI activity events

    • Validation steps to confirm logs are indexed in HLA

  5. Anomaly Detection

    • Best practices to configure anomalies for Power BI activity events

    • Examples:

      • Spikes in export/download actions

      • Unusual user activity

      • Sudden increase in API operations

    • Threshold-based vs ML-based anomaly detection in HLA

Important Notes

  • Please base recommendations strictly on:

    • Official ServiceNow documentation

    • ServiceNow KBs

    • ServiceNow blogs, demos, or community-verified implementations

  • Avoid assumptions or unsupported features

  • Clearly call out any limitations of Health Log Analytics in Zurich

0 Helpfuls
  • 46 Views
0 REPLIES 0