WS1 and ServiceNow
Introduction
This walkthrough originated as a request from a customer who was looking for a way to sync asset data from the Workspace ONE UEM console into ServiceNow. With some basic ServiceNow integrations aviable via the Workspace ONE Intelligence tools, to create new tickets for example, it seemed reasonable to build another intelligence connector and automation action to sync the enrolled device data as well. I found a number of forum threads where poeple were able to query the Workspace ONE UEM API to pull device asset infomation, but these were all multiple complex steps, custom scripts, data transformations etc.. and there was no simple way to sift though it all. This is my attempt to simply the integrations, and get my asset data from UEM into ServiceNow. Also this is my first blog post so lets see how it goes đ
Requirements and prep work
Setup a Developer instance of ServiceNow
We will do our testing in a developer instance of ServiceNow to ensure we do not cause issues with a production instance and verify our work safely
ServiceNow Developer instances are freely available but if you are not actively using it, they are cleaned up and removed. So its a quick and easy way to do some prototyping.
Request a ServiceNow Instance
Navigate to https://developer.servicenow.com
Create an account
From the developer portal set up a new instance, I select which ever version was the latest release
It will take bit to process and set up, you will get an email with a URL and credentials when its ready
When you receive the email login using the information provided
It will have you change the password
 Clear Demo Data
The developer instance of Service now will come preloaded with a bunch of sample data, in our case its not relevant so lets clear it up.
In the developer portal, in the Your instance section, select manage then remove demo data
This will take some time to process and you will get an email when its done
Enable Workspace ONE Intelligence
Login to your Workspace ONE UEM Admin Console
Navigate to Monitor \ Intelligence \ Get Started
Fill out the form to activate your 30 day trial of Intelligence
If you have any issues or questions reach out to your VMware Sales Team
Create a ServiceNow WebService
To begin we are going to create a new System web service. This will be the service that our Intelligence connector pushes the device records to. This will place the incoming device data into a temportary staging data table, where we will then map the incoming data to the correct ServiceNow tables. We will also apply some rules so that our desktop and / laptops are added as Computer Inventory and mobile devices, iOS and Android, are added to our Communication devices Inventory in ServiceNow.Â
Begin by creating a new System Web Service
In the search menu search for System Web Services
Under the Inbound section, select create new
Lets give our new Web Service a descriptive label, this will auto populate the Name Field
In the target table field, select the Computer [cmdb_ci_computer] table. This will direct our incoming device assets to be recorded as computer assets.
Ensure the copy fields from target table is ticked
Ensure the Create transform map is ticked
Click Create
This will open the transform map creation process.Â
Because we want to include an additional filtering script, let's tick the run script box.Â
By adding the following snippet of code, we will tell this transform map process to skip over any iOS or android devices. Don't worry, we will capture them later.Â
Another bonus of doing it this way, is that as devices are entered into the inventory, we can elect to run any other business rules already in place. I don't have any at the moment, but let's leave that ticked.Â
// reclassify to Communication Devices based on Operating system
if (source.u_os == "Apple iOS" ||
    source.u_os == "Android")
ignore=true;
Select the Auto Map Matching fields link.
This will populate our field mapping table. As data enters though the API interface, it gets written into the staging table, in the source fields, and mapped to the destination (computer inventory) as the target field.Â
Sort by target field and locate and select the serial_number field to edit it.Â
in the window that opens, tik the box to coalesceÂ
If the data in the Workspace ONE tool changes, like OS version, or name, the then the with the serial number as the coalesce value, the device record will remain intact and just be updated. No duplicates!Â
Hit update and update again on the transform map
Submit the transform map.Â
You may get dropped back to the service now home page - if you do, just search for the webservice you just created and click on it.
We are going to create a second transform map now. This time we will exclude the desktop devices and only capture the iOS and Android devices, and push them into the Communication Devices inventory.
Select New from the web service transform maps section
In the name, lets call this Mobile Devices
Leave the default source tableÂ
Set the target table to be our communication devices - Communication Devices [cmdb_ci_comm]Â
Hit the run script tik box and add the following snippet of code to filter out Windows Desktop devices and macOS devices
// reclassify to desktop Devices based on Operating system
if (source.u_os == "Apple macOS" ||
    source.u_os == "Windows Desktop")
ignore=true;
Select the Auto Map Matching fields link.
This will populate our field mapping table. As data enters though the API interface, it gets written into the staging table, in the source fields, and mapped to the destination (computer inventory) as the target field.Â
Sort by target field and locate and select the serial_number field to edit it.Â
in the window that opens, tik the box to coalesceÂ
If the data in the Workspace ONE tool changes, like OS version, or name, the then the with the serial number as the coalesce value, the device record will remain intact and just be updated. No duplicates!Â
Hit update and update again on the transform map
Submit the transform map - at this point we should have 2 transform maps created in our new web service.Â
Test our webservice API
Now that we have created our new Web Serivce, letls make sure it processes some data. we will use the service now API explorer to send some data to the new API and see if it creates a new computer record as expected.Â
Select the Explore Rest API link under the Related links section of our web service
This will open a new page with the api explorer loaded and configured to send a request to our API
Under the request body header lets add some fields.
hit add field
Search for serial number and give it a dummy value - 1234 in my case.Â
You will see the raw data being built for you below. hit the plus button next to the serial number
Lets also add a name, again just some test data for now.Â
hit sendÂ
You will get a warning because our API operation is a POST, which will create new data in ServiceNow
At this point if you look at the device records in service now, I can see my test computer record has been created successfully!Â
Intelligence dataÂ
Our next step in this process is to expolore what data we have accessible to us via the Workspace ONE intelligence engine, so we can sync over all the available attributes. The easiest way to do this is to just run a quick report. You will want at least 1 device enrolled, ideally multiple of variying OS types, so we have a good idea of the data stored.
Login to you Workspace ONE UEM console and launch the intelligence console.Â
Navigate to Monitor, then intelligence and hit launch.
Once in the Intelligence console, hit reports and add a report.
select the Category, then Workspace ONE UEM and devices category
Select the device starter template
Give your report a nameÂ
In the report preview section hit edit columns
Because at this point i am interested in seeing all available data, im just going to hit the top level categoy tick boxes to get all data types. So hit the tik box for Device, User, and Others. Then hit the add button to add them to the report
Hit save
Back on the reports home screenÂ
click on the report we just created and hit run.
This will run your report and we will download a CSV file to examine the data we can push to service now
Select view downloads and download the most recent report
Open the downloaded file
At this point you can review the file for the data that would you like to pull to service now. This will vary for each organization. So I will pick a few examples, but that is by no means exhaustive - use what is relevant for you.Â
For me, some examples of data I want to pull over are, Make, Model, Asset Number, Serial Number (remember based on our table mapping this is a required value due to it being the coalesce attribute), Name, OS, and OS version. I can see those are all populated in the report, so we should be set to push those over.
Create our API call
In order to have WS1 Intelligence do the work for us, we will be creating a new Postman collection and generating an API request. We are going to be be using the data from the service now API explorer to build a sample API reqest for the data we decided we want to sync and then paste that into Postman
In the ServiceNow console load the API Explorer page.
In the search bar, search for the name of the web service you created earlier
Select your web service in the menu
In the web service details page
Select the Explore Rest API link under the Related links section of our web service
This will open a new page with the API explorer loaded and configured to send a request to our web service API
Under the request body header lets add some fields.
Hit add field
Based on the data we decided to sync out from the the report we ran, I am going to add the following fields in the request body:
ManufacturerÂ
Model Number
Serial Number
Asset tag
Name
Os
Os version
If we look at the spread sheet, the column headers is the variable name we can reference to have it dynamically populate the value for each device. We will put that value in our lookup value format and add it to the request we are creating.
For example - with the above referenced items, I would set the values like:
If we look at the spread sheet, the column headers is the variable name we can reference to have it dynamically populate the value for each device. We will put that value in our lookup value format and add it to the request we are creating.
For example - with the above referenced items, I would set the values like:
Manufacturer = ${device_manufacturer_name}
Model Number = ${device_model}
Model ID =Â ${device_model}
Serial Number = ${device_serial_number}
Asset tag = ${device_asset_number}
Name = ${device_friendly_name}
Os = ${_device_platform}
Os version = ${device_os_version}
With the API builder completed, we can copy the created string for use in Postman in the next step.
Paste it in a notepad doc for reference in the next steps.
Here is my example code:
{
"u_manufacturer":"${device_manufacturer_name}",
"u_model_id":"${device_model}",
"u_model_number":"${device_model}",
"u_serial_number":"${device_serial_number}",
"u_asset_tag":"${device_asset_number}",
"u_name":"${device_friendly_name}",
"u_os":"${_device_platform}",
"u_os_version":"${device_os_version}"
}
We are now going to clean up the API query to submit a sample computer so we can get the POST URL string.Â
Delete all the attributes except the name field, add a dummy value and submit
In the Request section you will see the HTTP Method / URI listed - it should look simiar to:
 POST https://yourservicenowinstance.com/api/now/import/u_yourWebServiceName
Copy that for use in the next section as well.
Create a Postman Collection
In order to have intelligence do the work for us, we will be creating a new Postman collection and generating an API request. We are going to be be using the data from the service now API explorer to build a API reqest for the data we decided we want to sync and then paste that into Postman
Launch postman and create a new collectionÂ
Name your collection and Create
Set the authorization tab to Basic Authentiction and enter your ServiceNow Admin account
Set the request headers, create 2 key value pairs as shown
Change Option from GET to POST
In the Body section past the API body we generated in service now earlier
For reference mine was:
{
"u_manufacturer":"${device_manufacturer_name}",
"u_model_id":"${device_model}",
"u_model_number":"${device_model}",
"u_serial_number":"${device_serial_number}",
"u_asset_tag":"${device_asset_number}",
"u_name":"${device_friendly_name}",
"u_os":"${_device_platform}",
"u_os_version":"${device_os_version}"
}
We are going to do a quick test to ensure our API function works as expected.
Change the Name field from the lookup value to a test value, im using "test_via_postman"
Change the serial number field from the lookup value to a test value, im using, 1234
Send the request
You should get a 201 created response
The body will show the created record
At this point if you navigate to your Service now console, in the Computer asset section, we should see a new computer added
If that worked, change the Name and serial number values back to the lookup valuesÂ
Save our API Request
Click Save response
Save as example
In the Request that opens click Save Example
Export the Collection
Export as type 2.1
Save
Create Workspace ONE Intelligence Automation Connector
Create the Intelligence Connector
Login to the UEM admin console
Launch the Intelligence Console - Monitor \ Intelligence \ Launch
Select Settings \ Integrations \ Add custom Connector
Give your connector a descriptive name and description
In the Base URL enter your ServiceNow Tenant URL
Select Basic Authentication
Enter your ServiceNow Credentials
Save
Import Actions
Pick the Exported Postman Collection
You should see your API Request
Click the vertical 3 dots next to the name
Change the name and and serial number values to some test data, hit test
You should see a 201 Created result
Verify device creation in ServiceNow
If you are still on the computer page, just refresh and you should see the new computer added
If you are not, then follow the same instructions in the Verify API action section
Create Workspace ONE Automation
Select AutomationsÂ
Add automation
Select Category \ Workspace ONE UEM \ Devices
Select Get Started on the Device: Create your own card
Name your automation and add a description
Set the filter to Enrollment Status includes Enrolled, just use the search to find the filters
Add an Action
Select the connector we just created, and the action we defined
All of the attibues we defined in our API Call should be displayed along with the lookup value already configured
Save and enable the automation
Click on the automation you just createdÂ
Review the automation activity
Verify device creation in ServiceNow
If you are still on the computer page, just refresh and you should see the new computers from UEM added to your ServiceNow CMDB
If you navigate to the Communication devices section of ServiceNow, you should see the mobile devices listed as well.