Built something you're proud of? Tell the story. A quick G2 review of App Engine or Build Agent helps other developers see what's possible on ServiceNow. Share your experience.

Tables and Filters for Security Events from ServiceNow CMDB (for Tables API)

gurwindersi
Tera Contributor

‎08-11-2025 01:52 AM

We are looking to monitor security events from ServiceNow CMDB.
Which are the security relevant sub-tables in the below tables?

Is there any other field like name and source that we need to consider for filtering these tables?

Table                              filter

1.sysevent                      name: login, flow.fire
2.sys_audit                     table : email_access_restriction, password_policy, sys_security_acl, sys_security_acl_role,                                                                        sys_user,sys_user_role
3.syslog                          source: SecurityAttribute, AccessTerm
4.syslog_transaction       
5.sys_history_line           
6.sys_history_set 
0 Helpfuls
  • 888 Views
1 REPLY 1

Bert_c1
Kilo Patron

‎08-17-2025 12:24 PM

Try using the OOB Security Center: https://[instnace].service-now.com/now/security-center-monitoring/overview 

and the 'Security Metrics' widget there.

0 Helpfuls