ServiceNow Incidents and Azure Data Explorer (Kusto query language):

 

Introduction:

Azure resources are as important to IT operations management as any other on-premises resources and enterprise applications. ServiceNow provides robust ITOM capabilities. Microsoft Graph and Kusto Query language empower intelligent experiences. The Graph or a Kusto database just needs mechanisms to bring content from external services. Connectors offer a simple and intuitive way to do just that. For example, the data brought in from the organization can appear in Microsoft Search results. This expands the type of content sources that are searchable in Microsoft 365 productivity applications and the broader ecosystem.  There are over a hundred connectors that are currently available from Microsoft and partners which include Azure Services and ServiceNow. Kusto is popular both with Azure monitor as well as Azure data explorer. It is a read only request to process data and return results in plain text. If uses a data flow model that is remarkably like the slice and dice operators in the shell commands.IT can work with structured data with the help of tables, rows, and columns but it is not restricted to schema-based entities. It can be applied to unstructured data such as telemetry data. It consists of a sequence of statements delimited by semicolon operator and has at least one tabular query operator. The name of a table is sufficient to stream the rows to a pipeline operator that separates the filtering into its own stage with the help of a SQL like where clause. Sequences of where clauses can be chained to result in a more refined set of resulting rows. It can be as short as a tabular query operator, a data source, and a transformation. Any use of new tables, rows and columns requires the use of control commands that are differentiated from Kusto queries because they begin with a dot character. The separation of these control commands helps with security of the overall data analysis routines. Administrators will have less hesitation for Kusto queries to run on their data. Control commands also help to manage entities or discover their metadata. A sample control command is a “.show” command that shows all the tables in the current database.

The power of querying ServiceNow Incidents in Kusto Query Language is unparalleled for Azure resources. This article explains one such method.

 

Method:

Here is one method to integrate ServiceNow with Azure DevOps followed by Kusto.

1.       The first step requires access to the SNOW portal for ServiceNow.

2.       Then the Devops integration application (plugin) is installed

3.       The next step is to navigate to: Search > Connection & credential aliases > New > Name= “Azuredemo1” > submit

4.       Followed by navigation to Search > credentials > new > basic Auth > name = “Azuredevops1” > username = “AzureDevOps1”.  For password = go to Azure DevOps and create new personal access token (top right corner select User settings > Personal access token)

5.       Then we copy and paste this token into SNOW credentials password tab.

6.       And click Submit

7.       This is followed by navigation to: Snow portal > Search > connection > new > HTTP(s) > name = AzureDevOps1 > Credentials = select the one which we created in previous step (“Azuredevops1”) > connection alias = select the aliases we created before (“Azuredemo1”) > connection URL = go to Azure DevOps > org settings > copy URL from overview tab and past it in SNOW portal > submit

8.       It is followed by SNOW portal > search > Azure DevOps Instance > New > name = “AzureDemo1” > connection alias = select the aliases we created before (“AzureDemo1”) > Version = compatible one. > submit

9.       Then, the Azure DevOps Instance dashboard is accessed and AzureDemo1 (new instance that was just created) is selected > click on Connect > once we do that our state will change to “Connected”

10.   Then create mapping is selected > “map is created successfully”

11.   Then Discover Projects is selected > under Azure DevOps Project tab. We should see our project from Azure DevOps (ie :DCP)

12.   Now project (DCP) is clicked > register webhooks > it will enable connection b/w Azure DevOps and SNOW

13.   Followed by navigation to Team integration settings > new > assignment group = “select your agile group” (We can create our own agile group from search > agile azure devops integration > create agile group) > Team = “select our azure devops team” (imported from Azure) > submit

14.   This lets us create, delete or modify user story/feature from either Azure DevOps or SNOW portal, and they will be integrated automatically.