The CreatorCon Call for Content is officially open! Get started here.

ZScaler integration with servicenow

VengadeshB52217
Tera Contributor

‎07-08-2025 12:33 AM

Hello Everyone,

 

Does anyone worked on ZScaler with ServiceNow integration to create CI ?

If so kindly share any inputs

 

Regards

Vengadesh

0 Helpfuls
  • 647 Views
2 REPLIES 2

Vishal36
Mega Guru

‎08-31-2025 10:45 AM

Hi @VengadeshB52217 , 

Integrating Zscaler with ServiceNow to create Configuration Items (CIs) is possible, but it depends on what Zscaler data you want to bring in and how it’s exposed—usually through Zscaler’s APIs or data exports. Key things to consider:

  • Data source: Identify what CI-related data (devices, policies, users, etc.) is available via Zscaler’s API or reports.
  • CI mapping: Decide how Zscaler entities map to your CMDB—what becomes a CI, and what attributes need to be captured.
  • Update frequency: Will this be a one-time import or a recurring sync? Automation matters if you want data to stay up to date.
  • Error handling and traceability: Make sure you can track sync status, log failures, and avoid duplicates in the CMDB.

If you're looking for a more scalable and deeper way to keep Zscaler and ServiceNow in sync, you may want to explore OpsHub Integration Manager (OIM), an enterprise grade integration platform and a ServiceNow Partner. ServiceNow is supported out of box. You can plug in a custom connector for Zscaler and take benefit of entire sync platform like inbuilt conflict resolution feature, user friendly UI, data transformation, deep data sync, etc. 

Hope it helps! 🙂

0 Helpfuls

Ajay_Chavan
Kilo Sage

‎08-31-2025 01:23 PM 

Hi Vengadesh,

Yes, ZScaler-ServiceNow integration for CI creation is definitely achievable! Here are several approaches and inputs from implementations I'm familiar with:



Integration Methods

REST API Integration (Most Common)


ZScaler API Endpoints to Use:



/locations - Get all ZScaler locations

/users - User information

/departments - Department data

/groups - User groups

/adminUsers - Admin users




ServiceNow Side:



// Sample REST Message to ZScaler API

var request = new sn_ws.RESTMessageV2();

request.setEndpoint('https://admin.zscaler.net/api/v1/locations');

request.setHttpMethod('GET');

request.setRequestHeader('Content-Type', 'application/json');

request.setRequestHeader('cookie', session_cookie); // After authentication



var response = request.execute();

var responseBody = response.getBody();

var locations = JSON.parse(responseBody);



Scheduled Data Import


Step 1: Create Import Set Tables



u_zscaler_locations_import

u_zscaler_users_import

u_zscaler_policies_import



Step 2: Transform Maps Map ZScaler data to ServiceNow CI classes:



Locations → Network Gear CI Class

Users → User CI Class

Policies → Software CI Class

Tunnels → Network Adapter CI Class

Common CI Types Created

ZScaler Location CIs



// Transform script example

target.name = source.u_location_name;

target.location = source.u_city + ', ' + source.u_country;

target.ip_address = source.u_static_ip;

target.operational_status = 1; // Operational

target.ci_class = 'Network Gear';



ZScaler User CIs



target.user_name = source.u_email;

target.department = source.u_department;

target.location = source.u_location;

target.ci_class = 'User';




Implementation Steps



Phase 1: Authentication Setup

Create ZScaler API Credentials




Generate API key in ZScaler Admin Portal

Set up service account with appropriate permissions

ServiceNow Configuration




Create REST Message records

Configure authentication (API key method)

Test connectivity





Phase 2: Data Mapping

Identify CI Classes



 ZScaler Location → cmdb_ci_network_gear

ZScaler User → cmdb_ci_user  

ZScaler Policy → cmdb_ci_service

ZScaler Tunnel → cmdb_ci_network_adapter




Field Mapping



 // Location mapping example

ZScaler Field → ServiceNow Field

name → name

staticIp → ip_address  

city → location

country → location (concatenated)




Phase 3: Scheduled Import



// Scheduled Script Execution

var ZScalerIntegration = Class.create();

ZScalerIntegration.prototype = {

    

    syncLocations: function() {

        // Authenticate with ZScaler

        var authResponse = this.authenticate();

        

        // Get locations data

        var locationsData = this.getLocations(authResponse.sessionId);

        

        // Process each location

        for (var i = 0; i < locationsData.length; i++) {

            this.createOrUpdateLocationCI(locationsData[i]);

        }

    },

    

    createOrUpdateLocationCI: function(locationData) {

        var ci = new GlideRecord('cmdb_ci_network_gear');

        ci.addQuery('name', locationData.name);

        ci.query();

        

        if (!ci.next()) {

            ci.initialize();

        }

        

        ci.name = locationData.name;

        ci.ip_address = locationData.staticIp;

        ci.location = locationData.city + ', ' + locationData.country;

        ci.operational_status = 1;

        

        if (ci.isNewRecord()) {

            ci.insert();

        } else {

            ci.update();

        }

    }

};




Key Challenges & Solutions

Rate Limiting
Challenge: ZScaler API has rate limits Solution: Implement retry logic with exponential backoff

function makeAPICallWithRetry(request, maxRetries) {

    for (var retry = 0; retry < maxRetries; retry++) {

        try {

            var response = request.execute();

            if (response.getStatusCode() == 200) {

                return response;

            }

        } catch (e) {

            if (retry == maxRetries - 1) throw e;

            gs.sleep(Math.pow(2, retry) * 1000); // Exponential backoff

        }

    }

}




Data Volume
Challenge: Large datasets can timeout Solution: Implement batch processing



// Process in batches of 100

var batchSize = 100;

var totalRecords = locationsData.length;



for (var i = 0; i < totalRecords; i += batchSize) {

    var batch = locationsData.slice(i, i + batchSize);

    this.processBatch(batch);

    gs.sleep(2000); // 2 second delay between batches

}




Best Practices

Error Handling: Implement comprehensive logging

Delta Sync: Only sync changed data to improve performance

Data Validation: Validate ZScaler data before creating CIs



Scheduling: Run during off-peak hours

Monitoring: Set up alerts for failed integrations

Sample Scheduled Job



// Name: ZScaler CI Sync

// Frequency: Daily

var zscaler = new ZScalerIntegration();

try {

    zscaler.syncLocations();

    zscaler.syncUsers();

    zscaler.syncPolicies();

    gs.info('ZScaler sync completed successfully');

} catch (e) {

    gs.error('ZScaler sync failed: ' + e.message);

}






Refer: 

https://store.servicenow.com/store/app/9b1a67e21b246a50a85b16db234bcb8f#contacts





https://www.servicenow.com/docs/bundle/zurich-security-management/page/product/secops-integration-sir/secops-integration-zscaler/concept/zscaler-integration-for-security-operations.html

https://www.youtube.com/watch?v=Eeb2KfosUy8
Glad I could help! If this solved your issue, please mark it as Helpful and Accept as Solution so others can benefit too.*****Chavan A.P. | Technical Architect | Certified Professional*****
0 Helpfuls