Forum Discussion

CaseyW's avatar
3 years ago

Those with ServiceNow integrations: How do you configure your HTTP Delivery to UPDATE incidents rather than creating new ones for acknowledged and cleared alerts?

New incidents (Duplicates) are opened every time an incident is acknowledged or cleared. Looking at the HTTP Delivery section of my integration and it looks like all requests for active alerts, acknowledged alerts, cleared alerts and escalated/de-escalated alerts are just set to POST to the same table within SNOW: <myinstancename>/api/now/table/x_lomo_lmint_logicmonitor_inbound_webser

It seems to me like a sysid should be created and used for each incident and that the HTTP Delivery section should be using HTTP PUT method, along with the unique sysid for each incident that is being updated with an acknowledgement, clear or escalation/de-escalation..

Any ideas on how to accomplish updating these incidents? I have attached a screenshot of my HTTP Delivery section for acknowledged alerts

2 Replies