Set up Syslog probe in ServiceNow and send ServiceNow logs to a dedicated server in customer network

Mahesh Kumar3
Giga Guru
Giga Guru

‎05-04-2023 09:03 PM

Hi All,

 

We have a requirement to set up Syslog probe to send logs from ServiceNow to a server in customer network.

We have a MID Server already set up.

Please help if you have already implemented this in any of your engagements.

 

Ref URL: https://docs.servicenow.com/bundle/utah-platform-administration/page/integrate/vendor-specific-integ... 

 

Thanks in advance!

  • 1,208 Views
2 REPLIES 2

Eva Tee
ServiceNow Employee
ServiceNow Employee

‎05-08-2024 01:42 AM

Hi Mahesh, wonder if you manage to get the answer? Appreciate if you could share with me the solution. Thanks.

0 Helpfuls

Mahesh Kumar3
Giga Guru
Giga Guru
In response to Eva Tee

‎05-08-2024 07:51 AM - edited ‎05-08-2024 07:52 AM

Hi Eva Tee,

 

I couldn't get any answer, but I implemented the syslog using the docs.

We had few use cases where we had to send logs to the server in case of certain action performed in ServiceNow.

Let's consider if a user logs in, the log was to be sent from ServiceNow to the log server.

We know that whenever a user log in, an event "login" is fired which can be seen in event logs.

So, we wrote a script action on login event and here is the script:

 

var username = event.parm1; // This is first paramter, which is the username who logged in

var logServer = gs.getProperty("log.server.fqdn"); // log server fqdn, in our case it was server ip
var midServer = gs.getProperty("mid.server.name"); // mid server name from ServiceNow record

var sl = new Syslog(logServer, midServer, 16);
sl.log('Login attempt successful for user ' + username, 6);

 

 

Hope this helps! Feel free to drop questions if you have.

 

Thank you!

Mahesh Kumar

0 Helpfuls