Creating a REST API endpoint in ServiceNow

About this task

To enable handling of a webhook received by IBM® Storage Insights, you need to create a REST API endpoint in your ServiceNow instance.

Procedure

To create a REST API endpoint in ServiceNow, complete the following steps:

  1. Access your ServiceNow instance and go to the Scripted REST APIs page.
    To quickly locate the page, type "Scripted REST APIs" in the search bar of All menu.
  2. Click New.
  3. Enter a suitable name and API ID.
  4. Click Submit.
    A new REST API endpoint is created.
  5. Open the newly created REST API endpoint from the Scripted REST APIs page.
  6. In the Resources tab, click New.
    1. Provide a name for this resource.
    2. Set the HTTP method to POST.
    3. Paste the following code snippet in the Script section: 
      (function process( /*RESTAPIRequest*/ request, /*RESTAPIResponse*/ response) {
    var event = request.body.data;
    var inc = new GlideRecord('incident');
    var prefixMsg = "";
    var eventTime = new GlideTime(event.occurrenceTimeInMs || event.occurrenceTime);
    inc.initialize();
    inc.caller_id = event.caller;
    if (event.alertSource) {
        prefixMsg = "You don't need to act on this incident as it is generated to verify the webhook connection from your IBM Storage Insights. The webhook connection was successful and the payload received from IBM Storage Insights is as follows: ";
        inc.impact = 3;
        inc.urgency = 3;
        inc.short_description = "The test incident that is generated because you tested the webhook connection from your IBM Storage Insights instance.";
        inc.description = prefixMsg + JSON.stringify(event, null, '\t');
    } else {
        prefixMsg = "This incident is created automatically as there was a ransomware threat alert triggered in your IBM Storage Insights. You can take necessary actions to mitigate the issue. The payload received from IBM Storage Insights is as follows: ";
        inc.impact = 1;
        inc.urgency = 1;
        inc.short_description = event.name + " alert was triggered on your IBM Storage Insights on " + eventTime.getByFormat('dd MMMM YYYY');
        inc.description = prefixMsg + JSON.stringify(event, null, '\t');
    }
    inc.insert();
    var responseBody = {};
    responseBody.message = "Incident created.";
    responseBody.incidentnumber = inc.number;
    response.setBody(responseBody);
})(request, response);
      Note: The code snippet has the logic to create the incident in ServiceNow. The Urgency and Impact levels of the incident created in ServiceNow are set to high if there is an actual ransomware alert triggered in IBM Storage Insights. When you are testing a webhook connection from IBM Storage Insights, these fields are set to low level. You can refine the code snippet according to your needs in incident creation.
    4. Ensure that Requires authentication is checked to use the Basic Auth and OAuth 2.0 authentication types to validate the webhook in IBM Storage Insights. Click Submit.
    5. Make a note of the resource path available in the Resource Path column in Resources section.
      The resource path must be provided in the Webhook URL field when a creating a webhook in IBM Storage Insights.

Results

The REST API end point is created successfully. You can now create webhook in your IBM Storage Insights instance for further integration. See Creating a webhook for ServiceNow.