Before you run the integration on your ServiceNow AI Platform® instance,
complete these installation and configuration steps so the application properly integrates
with the Security Incident Response and Security Operations products on your ServiceNow AI Platform instance.
Before you begin
Role required: sn_si.admin
Procedure
-
If you have not installed the Microsoft Graph Security API
application from the ServiceNow Store for the integration, see Install a Security Operations integration
and follow the steps to install it.
-
After you have successfully installed the application, navigate to and locate the Microsoft Graph Security API - Alert Ingestion
tile.
-
To configure the application, click Configure.
-
In the Alert Ingestions Configuration dialog that is displayed, fill in the
fields.
| Field | Description |
|---|
| Name |
Name of the Microsoft Azure Cloud instance. You
can enter only alphanumeric values and hyphens (-) in this
field.
|
| Tenant ID |
The Microsoft Azure Tenant ID. This is the instance from which all the alerts in the Microsoft Azure portal are retrieved. |
| Client ID |
The Client ID for the application that you have registered in the
Microsoft Azure portal. See Configure the Microsoft Azure portal for details. |
| Client Secret |
The password for your registered application. |
-
Click Submit.
After it is successfully validated and submitted, each alert ingestions server
configuration is saved on the Security Integrations page as a tile. If your
saved configuration tiles are not displayed on the Security Integrations page,
on the top right corner of the page, from the Show Configurations choice list,
click Yes.
What to do next
You have successfully installed and configured the
application. The next step is to create an alert profile.