What's the optimal method to Integrate SolarWinds Alerts into ServiceNow?
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
04-10-2025 08:40 AM
I've done some digging and found a few resources, but wanted to see if there are any other fresh perspectives or new methodologies that I'm not aware of.
I'm currently utilizing the SolarWinds SGC for our asset management portion but would like to capture real-time alerts for outages and incidents over the network.
Is the SolarWinds Alert Integration still the optimal solution for this? I see it's supported up to Yokohama.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
04-10-2025 08:56 AM
Do you have event management subscription?
ServiceNow offers lot of connectors for getting events from range of monitoring tool.
I have integrated Solarwinds in past and it works really fine. Check the below link
With event management it offers a lot of things to bind alerts to incidents, and create automated flows to resolve them.
In case you dont have subscription you can still integrate using a mid server. However, you might need to work alot to cut the noise.
Regards,
Pratiksha
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
04-10-2025 10:43 AM
Hi @Pratiksha
I don't believe we have Event Management right now. I know we are looking into SecOps for a renewal and that includes an element on Event Management for SIR, but I still think that may not be the full offers you get from a separate Event Management subscription.
I think the solution would have to be away from utilizing Event Management.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
04-10-2025 09:03 AM
Howdy @MBarrott,
We have integrated SolarWinds alerts into ServiceNow's Event Management via the Event Collector [Configure event collection from SolarWinds monitor]. This pulls essentially all of the events that might trigger an alert within SolarWinds into the [em_event] table to be processed by event rules. In order to drastically reduce the amount of alerts we handle, we actually allow alerts to be built within SolarWinds that rewrite to that particular event table that the SolarWinds Collector pulls from and then alerts off of those alerts.
I wouldn't necessarily say that this is the optimal approach as ServiceNow has designed the event collector to essentially replace the need to create alerts within SolarWinds, but it did allow us to stick to an OOB integration with SolarWinds on the ServiceNow side with some minor customizations to the SolarWinds Alert Actions that are triggered.
Another solution that we went down would have been a custom API to trigger the alert from SolarWinds into the [em_event] table to be processed by event rules, but we have not adjusted our approach to utilize that method.
I believe the problem with the SolarWinds Alert Integration (at least based off of when we were looking at that plugin) is that it directly integrates to Incidents instead of the Event Management process.
Hope this helps,
