WS1 and ServiceNow

Introduction

This walkthrough originated as a request from a customer who was looking for a way to sync asset data from the Workspace ONE UEM console into ServiceNow. With some basic ServiceNow integrations aviable via the Workspace ONE Intelligence tools, to create new tickets for example, it seemed reasonable to build another intelligence connector and automation action to sync the enrolled device data as well. I found a number of forum threads where poeple were able to query the Workspace ONE UEM API to pull device asset infomation, but these were all multiple complex steps, custom scripts, data transformations etc.. and there was no simple way to sift though it all. This is my attempt to simply the integrations, and get my asset data from UEM into ServiceNow. Also this is my first blog post so lets see how it goes đŸ˜€


Requirements and prep work

Setup a Developer instance of ServiceNow

We will do our testing in a developer instance of ServiceNow to ensure we do not cause issues with a production instance and verify our work safely

ServiceNow Developer instances are freely available but if you are not actively using it, they are cleaned up and removed. So its a quick and easy way to do some prototyping.

Request a ServiceNow Instance



  • From the developer portal set up a new instance, I select which ever version was the latest release

    • It will take bit to process and set up, you will get an email with a URL and credentials when its ready

  • When you receive the email login using the information provided

  • It will have you change the password

Clear Demo Data

  • The developer instance of Service now will come preloaded with a bunch of sample data, in our case its not relevant so lets clear it up.

    • In the developer portal, in the Your instance section, select manage then remove demo data

      1. This will take some time to process and you will get an email when its done

Install Postman

If you dont have it already, download and install Postman

Enable Workspace ONE Intelligence

Login to your Workspace ONE UEM Admin Console

Navigate to Monitor \ Intelligence \ Get Started

Fill out the form to activate your 30 day trial of Intelligence

If you have any issues or questions reach out to your VMware Sales Team

Create a ServiceNow WebService

To begin we are going to create a new System web service. This will be the service that our Intelligence connector pushes the device records to. This will place the incoming device data into a temportary staging data table, where we will then map the incoming data to the correct ServiceNow tables. We will also apply some rules so that our desktop and / laptops are added as Computer Inventory and mobile devices, iOS and Android, are added to our Communication devices Inventory in ServiceNow.

  • Begin by creating a new System Web Service

  • In the search menu search for System Web Services

  • Under the Inbound section, select create new

  • Lets give our new Web Service a descriptive label, this will auto populate the Name Field

  • In the target table field, select the Computer [cmdb_ci_computer] table. This will direct our incoming device assets to be recorded as computer assets.

  • Ensure the copy fields from target table is ticked

  • Ensure the Create transform map is ticked

  • Click Create

This will open the transform map creation process.

Because we want to include an additional filtering script, let's tick the run script box.

By adding the following snippet of code, we will tell this transform map process to skip over any iOS or android devices. Don't worry, we will capture them later.

Another bonus of doing it this way, is that as devices are entered into the inventory, we can elect to run any other business rules already in place. I don't have any at the moment, but let's leave that ticked.

// reclassify to Communication Devices based on Operating system

if (source.u_os == "Apple iOS" ||

source.u_os == "Android")

ignore=true;

  • Select the Auto Map Matching fields link.

This will populate our field mapping table. As data enters though the API interface, it gets written into the staging table, in the source fields, and mapped to the destination (computer inventory) as the target field.

  • Sort by target field and locate and select the serial_number field to edit it.

  • in the window that opens, tik the box to coalesce

  • If the data in the Workspace ONE tool changes, like OS version, or name, the then the with the serial number as the coalesce value, the device record will remain intact and just be updated. No duplicates!

  • Hit update and update again on the transform map

Submit the transform map.

You may get dropped back to the service now home page - if you do, just search for the webservice you just created and click on it.

We are going to create a second transform map now. This time we will exclude the desktop devices and only capture the iOS and Android devices, and push them into the Communication Devices inventory.

  • Select New from the web service transform maps section

  • In the name, lets call this Mobile Devices

  • Leave the default source table

  • Set the target table to be our communication devices - Communication Devices [cmdb_ci_comm]


  • Hit the run script tik box and add the following snippet of code to filter out Windows Desktop devices and macOS devices


// reclassify to desktop Devices based on Operating system

if (source.u_os == "Apple macOS" ||

source.u_os == "Windows Desktop")

ignore=true;

  • Select the Auto Map Matching fields link.

  • This will populate our field mapping table. As data enters though the API interface, it gets written into the staging table, in the source fields, and mapped to the destination (computer inventory) as the target field.

  • Sort by target field and locate and select the serial_number field to edit it.

  • in the window that opens, tik the box to coalesce

If the data in the Workspace ONE tool changes, like OS version, or name, the then the with the serial number as the coalesce value, the device record will remain intact and just be updated. No duplicates!

Hit update and update again on the transform map

Submit the transform map - at this point we should have 2 transform maps created in our new web service.

Test our webservice API

Now that we have created our new Web Serivce, letls make sure it processes some data. we will use the service now API explorer to send some data to the new API and see if it creates a new computer record as expected.

Select the Explore Rest API link under the Related links section of our web service

This will open a new page with the api explorer loaded and configured to send a request to our API

Under the request body header lets add some fields.

  • hit add field

  • Search for serial number and give it a dummy value - 1234 in my case.

  • You will see the raw data being built for you below. hit the plus button next to the serial number

  • Lets also add a name, again just some test data for now.

  • hit send

You will get a warning because our API operation is a POST, which will create new data in ServiceNow

At this point if you look at the device records in service now, I can see my test computer record has been created successfully!

Intelligence data

Our next step in this process is to expolore what data we have accessible to us via the Workspace ONE intelligence engine, so we can sync over all the available attributes. The easiest way to do this is to just run a quick report. You will want at least 1 device enrolled, ideally multiple of variying OS types, so we have a good idea of the data stored.

Login to you Workspace ONE UEM console and launch the intelligence console.

  • Navigate to Monitor, then intelligence and hit launch.

  • Once in the Intelligence console, hit reports and add a report.

  • select the Category, then Workspace ONE UEM and devices category

  • Select the device starter template

Give your report a name

  • In the report preview section hit edit columns

Because at this point i am interested in seeing all available data, im just going to hit the top level categoy tick boxes to get all data types. So hit the tik box for Device, User, and Others. Then hit the add button to add them to the report

  • Hit save

Back on the reports home screen

  • click on the report we just created and hit run.

This will run your report and we will download a CSV file to examine the data we can push to service now

  • Select view downloads and download the most recent report

  • Open the downloaded file

At this point you can review the file for the data that would you like to pull to service now. This will vary for each organization. So I will pick a few examples, but that is by no means exhaustive - use what is relevant for you.

For me, some examples of data I want to pull over are, Make, Model, Asset Number, Serial Number (remember based on our table mapping this is a required value due to it being the coalesce attribute), Name, OS, and OS version. I can see those are all populated in the report, so we should be set to push those over.

Create our API call

In order to have WS1 Intelligence do the work for us, we will be creating a new Postman collection and generating an API request. We are going to be be using the data from the service now API explorer to build a sample API reqest for the data we decided we want to sync and then paste that into Postman

In the ServiceNow console load the API Explorer page.

  • In the search bar, search for the name of the web service you created earlier

  • Select your web service in the menu

  • In the web service details page

  • Select the Explore Rest API link under the Related links section of our web service

This will open a new page with the API explorer loaded and configured to send a request to our web service API

Under the request body header lets add some fields.

  • Hit add field

  • Based on the data we decided to sync out from the the report we ran, I am going to add the following fields in the request body:

  • Manufacturer

  • Model Number

  • Serial Number

  • Asset tag

  • Name

  • Os

  • Os version

If we look at the spread sheet, the column headers is the variable name we can reference to have it dynamically populate the value for each device. We will put that value in our lookup value format and add it to the request we are creating.

For example - with the above referenced items, I would set the values like:

If we look at the spread sheet, the column headers is the variable name we can reference to have it dynamically populate the value for each device. We will put that value in our lookup value format and add it to the request we are creating.

For example - with the above referenced items, I would set the values like:


Manufacturer = ${device_manufacturer_name}

Model Number = ${device_model}

Model ID = ${device_model}

Serial Number = ${device_serial_number}

Asset tag = ${device_asset_number}

Name = ${device_friendly_name}

Os = ${_device_platform}

Os version = ${device_os_version}

With the API builder completed, we can copy the created string for use in Postman in the next step.

  • Paste it in a notepad doc for reference in the next steps.

Here is my example code:

{

"u_manufacturer":"${device_manufacturer_name}",

"u_model_id":"${device_model}",

"u_model_number":"${device_model}",

"u_serial_number":"${device_serial_number}",

"u_asset_tag":"${device_asset_number}",

"u_name":"${device_friendly_name}",

"u_os":"${_device_platform}",

"u_os_version":"${device_os_version}"

}

We are now going to clean up the API query to submit a sample computer so we can get the POST URL string.

  • Delete all the attributes except the name field, add a dummy value and submit

In the Request section you will see the HTTP Method / URI listed - it should look simiar to:

Create a Postman Collection

In order to have intelligence do the work for us, we will be creating a new Postman collection and generating an API request. We are going to be be using the data from the service now API explorer to build a API reqest for the data we decided we want to sync and then paste that into Postman


  • Launch postman and create a new collection

  • Name your collection and Create

  • Set the authorization tab to Basic Authentiction and enter your ServiceNow Admin account

  • Set the request headers, create 2 key value pairs as shown

Change Option from GET to POST

  • In the Body section past the API body we generated in service now earlier

  • For reference mine was:

{

"u_manufacturer":"${device_manufacturer_name}",

"u_model_id":"${device_model}",

"u_model_number":"${device_model}",

"u_serial_number":"${device_serial_number}",

"u_asset_tag":"${device_asset_number}",

"u_name":"${device_friendly_name}",

"u_os":"${_device_platform}",

"u_os_version":"${device_os_version}"

}

  • We are going to do a quick test to ensure our API function works as expected.

  • Change the Name field from the lookup value to a test value, im using "test_via_postman"

  • Change the serial number field from the lookup value to a test value, im using, 1234

  • Send the request

  • You should get a 201 created response

  • The body will show the created record

At this point if you navigate to your Service now console, in the Computer asset section, we should see a new computer added

  • If that worked, change the Name and serial number values back to the lookup values

  • Save our API Request

  • Click Save response

  • Save as example

  • In the Request that opens click Save Example

  • Export the Collection

  • Export as type 2.1

  • Save

Create Workspace ONE Intelligence Automation Connector

Create the Intelligence Connector

  • Login to the UEM admin console

    • Launch the Intelligence Console - Monitor \ Intelligence \ Launch

  • Select Settings \ Integrations \ Add custom Connector

  • Give your connector a descriptive name and description

  • In the Base URL enter your ServiceNow Tenant URL

  • Select Basic Authentication

    • Enter your ServiceNow Credentials

  • Save

  • Import Actions

    • Pick the Exported Postman Collection

    • You should see your API Request

    • Click the vertical 3 dots next to the name

    • Change the name and and serial number values to some test data, hit test

    • You should see a 201 Created result

  • Verify device creation in ServiceNow

    • If you are still on the computer page, just refresh and you should see the new computer added

    • If you are not, then follow the same instructions in the Verify API action section

Create Workspace ONE Automation

  • Select Automations

  • Add automation

  • Select Category \ Workspace ONE UEM \ Devices

  • Select Get Started on the Device: Create your own card

  • Name your automation and add a description

  • Set the filter to Enrollment Status includes Enrolled, just use the search to find the filters

  • Add an Action

  • Select the connector we just created, and the action we defined

  • All of the attibues we defined in our API Call should be displayed along with the lookup value already configured

  • Save and enable the automation

  • Click on the automation you just created

  • Review the automation activity

  • Verify device creation in ServiceNow

    • If you are still on the computer page, just refresh and you should see the new computers from UEM added to your ServiceNow CMDB

If you navigate to the Communication devices section of ServiceNow, you should see the mobile devices listed as well.