Join the #BuildWithBuildAgent Challenge! Get recognized, earn exclusive swag, and inspire the ServiceNow Community with what you can build using Build Agent.  Join the Challenge.

Security Incident Response Task not triggering notifications on State update

gthapa
Tera Contributor

‎10-23-2025 11:43 AM

Hello Community, I have a Security Incident Task change notification in place which triggers on event named- "sn_si.TaskAssigned". But for some reason the notification would not trigger anytime I make a change on the SIT state, or Priority or even change the Assigned_to user. Can someone help me with this requirement?

gthapa_0-1761244813509.png

gthapa_1-1761244841571.png

gthapa_2-1761244863850.png

gthapa_3-1761244942151.png

gthapa_4-1761245014337.png

 

 

 

0 Helpfuls
  • 1,071 Views
7 REPLIES 7

RaghavSh
Mega Patron

‎10-24-2025 02:05 AM

@gthapa Do you see the event triggered in event logs?

 

Also the assignment group and assigned to should have valid values , means the users should have valid emails


Please mark the answer correct/helpful accordingly.


Raghav
MVP 2023
LinkedIn
0 Helpfuls

gthapa
Tera Contributor
In response to RaghavSh

4 weeks ago

Hello @RaghavSh - I do not see any events triggering in Event logs.

 

0 Helpfuls

kaushal_snow
Giga Sage

‎10-24-2025 03:05 AM

@gthapa ,

 

please check whether the event name you’re using is actually being queued (you can check System Logs > Events to see if your sn_si.TaskAssigned appears), and if not you’ll need a Business Rule or Flow on the sn_si_task table that fires gs.eventQueue('sn_si.TaskAssigned', current, current.sys_id, current.assigned_to) after a record update so that your Notification (set to When: Event is fired with that event name) can trigger properly, plus ensure the notification conditions, recipients and user email fields are all valid (for example that the user is active and has a correct email address) for notification engine to process it.......

 

If you found my response helpful, please mark it as ‘Accept as Solution’ and ‘Helpful’. This helps other community members find the right answer more easily and supports the community.

 

Thanks and Regards,
Kaushal Kumar Jha - ServiceNow Consultant - Lets connect on Linkedin: https://www.linkedin.com/in/kaushalkrjha/
0 Helpfuls

gthapa
Tera Contributor
In response to kaushal_snow

‎10-24-2025 01:35 PM

So, I did some modification on the Evernt registration for my notification and applied event(queue) scripting in the Business Rule  to apply with condition when assigned_to.name changes OR State is one of Close complete or cancelled. But I am not receiving any email notifications or any updates on System logs > Events. There is a scope error message pops up when I change the State of my Security Incident task (SIT) record to - Close complete.
Error- "Error Message

Access to event 'sn_si.SIT Update' from scope 'Security Incident Response' has been refused. The event is not defined."
 

gthapa_0-1761337786915.png

gthapa_1-1761337944551.png

gthapa_2-1761338094651.png

 

 

0 Helpfuls