Example: creating a ServiceNow incident for expiring certificates
The Adaptable Log Channel driver lets you implement a custom action in response to events that are logged by Trust Protection Platform. The following sample code demonstrates calling the ServiceNow API to create an incident when a certificate is nearing expiration.
This sample script assumes that the Adaptable Log Channel object to which this script is assigned is targeted by a notification rule that executes whenever the Certificate Monitor - Certificate Expiration Notice and/or the Certificate Monitor - Certificate Expiration Escalation Notice events are logged.
function Perform-Action
{
Param(
[Parameter(Mandatory=$true,HelpMessage="General Parameters")]
[System.Collections.Hashtable]$General,
[Parameter(Mandatory=$true,HelpMessage="Event Detail Parameters")]
[System.Collections.Hashtable]$Event,
[Parameter(Mandatory=$true,HelpMessage="Extra Field Parameters")]
[System.Collections.Hashtable]$Fields
)
$passwd = ConvertTo-SecureString $General.UserPass -AsPlainText -Force
$cred = New-Object System.Management.Automation.PSCredential($General.UserName, $passwd)
$url = $General.ServiceAddress + "/api/now/table/incident"
$body = @{
"category"="request";
"short_description"=$Fields.Text1;
"description"=$Event.Description;
"comments"="Created by Venafi Trust Protection Platform Adaptable Log Channel using the ServiceNow API";
"impact"=3;
"urgency"=3;
"work_notes"=$Fields.Text2;
"priority"=3; # 1=critical, 2=high, 3=moderate, 4=low, 5=planning
"contact_type"="self-service";
"caller_id"="68f87b0bdb97a2009dfaf91ebf9619e9"
} | ConvertTo-Json
$resp = Invoke-RestMethod -Uri $url -Credential $cred -Method Post -Body $body -ContentType "application/json"
$sys_id = $resp.result.sys_id
return @{ Result="Success"; Updates=@{"Description"="ServiceNow Incident ID=" + $sys_id} }
}
For another example of simplifying authentication to the Web SDK, take a look at this Venafi Cool Solutions article.
Related Topics