MID-less integrations for Health Log Analytics

  • Release version: Australia
  • Updated May 4, 2026
  • 2 minutes to read
    • Summarize
    Summarized using AI
    This content was generated using new OpenAI-powered functionality. Results are provided on an as is basis and are not guaranteed to be accurate or complete.

    Summary of MID-less integrations for Health Log Analytics

    Health Log Analytics (HLA) supports MID-less integrations that stream log data directly to your ServiceNow instance without using a MID Server. This approach simplifies deployment, reduces infrastructure overhead, and is particularly useful for organizations aiming to streamline log data ingestion from cloud-native sources.

    Show full answer Show less

    Role of the MID Server in Health Log Analytics

    Traditionally, a MID Server acts as an intermediary that collects, filters, and forwards log data from sources to ServiceNow. While flexible, MID Servers require deployment, maintenance, and scaling, which can increase infrastructure complexity and overhead.

    How MID-less integrations work

    • ITOM Gateway: A lightweight, cloud-native component that receives log data over HTTPS and routes it directly to your ServiceNow instance. Deployment is scalable based on log volume.
    • JSON Web Token (JWT): Used for secure, time-limited authentication of the data stream, eliminating the need to store third-party credentials on the ServiceNow instance.

    Supported MID-less integrations

    • AWS Firehose
    • Microsoft Azure Event Hubs (MID-less)
    • OpenTelemetry (OTLP) protocol integrations, including Cribl Stream, OpenTelemetry Collector, and Splunk OpenTelemetry Collector

    OTLP provides a vendor-neutral, standardized protocol for collecting and correlating logs, facilitating a unified setup process via the Integrations Launchpad.

    When to use MID-less integrations

    • To reduce infrastructure by removing the need for a MID Server
    • To simplify onboarding with guided setup in the Integrations Launchpad
    • For streaming logs from cloud-native sources where a MID Server adds complexity
    • When avoiding storage of third-party credentials on the ServiceNow instance is a priority

    Considerations

    • ITOM Gateway setup and configuration are prerequisites for MID-less integrations.
    • MID-less mode may not support on-premises data collection, bidirectional communication, or all integration types; in such cases, a MID Server based integration may be preferable.

    Health Log Analytics (HLA) supports integrations that stream log data directly to your ServiceNow instance without a MID Server. Use these integrations to simplify your deployment and reduce infrastructure overhead.

    Role of the MID Server in Health Log Analytics

    A Management, Instrumentation, and Discovery (MID) Server is a Java application that runs on a server in your network. In a standard HLA deployment, the MID Server acts as a relay between your log data sources and your ServiceNow instance. It collects, filters, and forwards log data on behalf of the instance.

    While MID Servers provide flexibility and support a wide range of integrations, they introduce additional infrastructure to deploy, maintain, and monitor. Organizations with high log volumes may also have to scale MID Server capacity over time.

    How MID-less integrations work

    MID-less integrations bypass the MID Server entirely. Log data streams from your third-party source directly to ServiceNow over HTTPS, where it is queued and processed by HLA.

    This architecture relies on two components:

    ITOM Gateway
    A lightweight, cloud-native component that receives incoming log data and routes it to your ServiceNow instance. You deploy ITOM Gateway based on your expected log volume. For more information, including deployment options and prerequisites, see MID-less log streaming via ITOM Gateway in Health Log Analytics.
    JSON Web Token (JWT)
    A secure, time-limited token used to authenticate the data stream between your log source and the ServiceNow datacenter. JWT authentication removes the requirement to store credentials such as AWS keys directly on your ServiceNow instance. For more information, see Configure a JSON Web Token (JWT) provider and token for Health Log Analytics.

    Supported MID-less integrations

    The following integrations support MID-less log streaming to Health Log Analytics.

    MID-less integrations using the OpenTelemetry (OTLP) protocol:
    Note:
    • OTLP uses a standardized, vendor-neutral protocol to send application and system logs to HLA. It enables logs to be easily collected, processed, and correlated regardless of their origin or destination.
    • The MID-less OpenTelemetry integrations all use the same transport model and share a common setup procedure in the Integrations Launchpad.

    When to use MID-less integrations

    Consider MID-less integrations when your organization wants to:

    • Reduce infrastructure by eliminating the requirement to deploy and maintain a MID Server
    • Simplify onboarding with a guided setup in the Integrations Launchpad
    • Stream log data from cloud-native sources, such as Amazon Data Firehose or Microsoft Azure Event Hubs, where a MID Server intermediary adds unnecessary complexity
    • Avoid storing third-party credentials on the ServiceNow instance

    Considerations

    Before choosing a MID-less integration, review the following:

    • MID-less integrations require ITOM Gateway. You must set up and configure ITOM Gateway before activating any MID-less integration. For more information, see MID-less log streaming via ITOM Gateway in Health Log Analytics.
    • If your deployment requires on-premises data collection, bidirectional communication, or integration types not yet supported in MID-less mode, a MID Server based integration may be more appropriate.