Manually send alerts from IoT Security through Cortex
XSOAR to ServiceNow to make work orders.
From the IoT Security portal, send a security
alert to ServiceNow. Before sending it, IoT Security converts the
alert into a security incident, which ServiceNow receives in its
Zingbox alerts vulnerability incident table. From there, a ServiceNow
user can create a work order for a network security analyst to investigate.
Log in to the IoT Security portal, click
and then select the check box of the alert you want to send as an
incident to ServiceNow.
to ServiceNow panel appears.
Add a comment and then click
, a link appears. When you click
it, a new browser window opens to the XSOAR playbook for this action.
To confirm that the work
order was sent, click the link to the XSOAR playbook for
For the link in IoT Security to open the
corresponding playbook in Cortex XSOAR, you must already be logged
in to your XSOAR instance before clicking it.
boxes in the playbook indicate that a particular step was successfully
performed. Following the path through the playbook gives you feedback
about whether an action was carried out successfully or, if not,
where the process changed course.
Also, the action “Sent to
ServiceNow” appears in the Last Action column. If you don’t see
this column, click the Columns icon (
) and select
Log in to ServiceNow and check the table you created
for receiving security incidents from IoT Security.
can also send an alert to ServiceNow from the Alert Details page
and from the Alerts section on the Device Details page.