Service Graph Connector for Trellix
Use the Service Graph Connector for Trellix to bring device, server, and network data from a Trellix environment into your ServiceNow instance to streamline your incident response and asset management use cases.
Request apps on the Store
Visit the ServiceNow Store to view all the available apps, and for information about submitting requests to the store. For cumulative release notes information for all released apps, see the ServiceNow Store version history release notes.
Supported versions
Supported ServiceNow versions:
- Washington DC
- Xanadu
- Yokohama
Use cases
The following examples describe how you can use the Service Graph Connector for Trellix for security operations management:
- Identify cybersecurity risks in the environment.
- Assess dependencies between configuration items (CI).
- Enable effective security incident response and endpoint management systems.
- Identify data quality issues, reconcile inconsistencies, and manage incidents and changes on discovered CIs.
Configuring a connection for the connector
CMDB integrations dashboard
The Integration Commons for CMDB store app provides a dashboard with a central view of the status, processing results, and processing errors of all installed integrations. You can see metrics for all integration runs. You can filter the view to a specific CMDB integration, a specific time duration, or a specific integration run. For more details about monitoring Trellix integrations in the CMDB Integrations Dashboard, see Using the CMDB Integrations Dashboard.
Data mapping
Data from the Trellix data sources is mapped and transformed into the ServiceNow CMDB Configuration Item (CI) class definitions using the Robust Transform Engine (RTE). Data is inserted into the ServiceNow CMDB using the Identification and Reconciliation Engine (IRE).
- SG-Trellix-Devices
- Imports data from devices and loads the imported data in the SGC Trellix Device Import [sn_trellix_integ_sgc_trellix_device_import] staging table.
- File System [cmdb_ci_file_system]
- IP Address [cmdb_ci_ip_address]
- Network Adapter [cmdb_ci_network_adapter]
- Server [cmdb_ci_server]
- Software Installation [cmdb_sam_sw_install] (if the Software Asset Management (SAM) application is installed)
- Software [cmdb_ci_spkg] (if the SAM application isn't installed)
- Software Instance [cmdb_software_instance] (if the SAM application isn't installed)
- Storage Disk [cmdb_ci_storage_disk]
You can use the IntegrationHub ETL app to view the data maps. See IntegrationHub ETL for more information.
System property
sn_trellix_integ.getdevices_count. This property sets the pagination size for the records that are fetched from the Trellix API.
- Type: integer
- Default value: 100
sys_properties.list in the navigation filter.