ServiceNow

Your organization can use collected data to investigate issues across your deployment.

Data is uploaded to ServiceNow via the use of scheduled searches. After saving a search, results are available in ServiceNow. Additionally, you can launch ad-hoc ServiceNow investigations using search results in Sumo Logic.

• To create events in ServiceNow, see Set Up ServiceNow Connections.
• To create incidents in ServiceNow, see Set Up a ServiceNow Incident Webhook Connection.
• To import and maintain real-time information about AWS and VMware virtual machine assets into the ServiceNow CMDB, see the Service Graph Installation and Configuration Guide.
• For the Sumo Logic Cloud SIEM Enterprise (CSE) integration with the ServiceNow Security Incident Response (SIR) module, see Security Incident Response (SIR) Integration.

In this section, we'll introduce the following concepts:

📄️ Launch Investigations

You can launch ad-hoc investigations directly from search results in Sumo Logic.

📄️ Set Up Searches

You can set up scheduled searches for ServiceNow integration.

📄️ Set Up Connections

Set up connections for ServiceNow integration.

📄️ Set Up Security Incident Webhooks

This page shows you how to set up a ServiceNow Incident Webhook connection, and create scheduled searches for the connection.