We migrated ticketing systems!

If you would like to check on the status of a ticket, please visit huntress.zendesk.com.

For the time being, our documentation will stay the same, we will make a hard cutover when all the documentation is ready. The Huntress Support site will continue to be support.huntress.io, it will just come with a new look and feel.

Click here to check the status of a ticket



Top

Reporting Incidents to ServiceNow

Huntress can report incidents and remediation recommendations directly to your ServiceNow ticket queue. This is a two-part process that involves:

1
Creating the ServiceNow API and retrieving credentials
2
Creating a role for incident reporting in ServiceNow

Creating the ServiceNow API and retrieving credentials

1. Log in to your Huntress dashboard with your admin account

2.Click on the menu in the upper-right corner and select integrations

3. Click the "Add" button in the upper right of the integrations page

4. Choose "ServiceNow" integration under Incident Reporting. ServiceNow is considered Beta

5. An OAuth integration will need to be set up in order to utilize ServiceNow. after clicking on ServiceNow there are multiple fields that need to be filled in. The Instance ID, Client ID, and the Client Secret are necessary for Huntress to connect via OAuth. The Username and Password will come into play later when the user and role are setup in ServiceNow to receive incidents from Huntress.

6. Retrieve the Instance ID from ServiceNow

On the browser homepage of the ServiceNow account, the ID will be in the URL between "https://" and ".service-now.com" 

Copy and paste the ID in the "Instance ID" field on the Huntress Integrations page

7. Creating the OAuth Integration

There is a search bar located in the top left of the menu. Search for "OAuth" and then select "Application Registry" under System OAuth.

8. This will take you to the Application Registry page where you want to add a new application. Click "New" at the top of the page

9. Select "Create an OAuth API endpoint for external clients"

10. On the OAuth API creation page, the Client ID and Application fields will already be filled. The only fields that need to be manually filled are "Name" and "Client Secret" 

Name the Application "Huntress"


The Client Secret field is a field for a shared key password. You can either create one or leave the field blank for ServiceNow to create one for you. 

Click "Submit" in the upper right corner

Huntress should now appear on the Application Registry page

Selecting Huntress will bring you back to the OAuth API creation page. If the Client Secret was kept blank, and ServiceNow created it automatically, clicking on the lock icon to the right will show the generated secret key

11. On the OAuth page copy the Client ID and the Client Secret to paste into the Huntress Integration setup page

Creating a role in ServiceNow for incident reporting

1. For the Username field, a user will need to be created in ServiceNow. Navigate back to the ServiceNow dashboard and select User Administration.

2. Select Users, and then "New" at the top of the User Administration page

3. The only fields that need to be filled in are User ID, First name, Last name, and password. It is recommended to make the User ID and name something easily recognizable such as "Huntress API". Create a passcode and make sure the boxes next to "Active" and "web service access only" are checked off, then click Submit. 

4. Now that the user has been created, a role needs to be assigned in order for it to create incidents. This step is important. If the user is not assigned the appropriate role tickets from Huntress will not be received.

Search for the user 

Once on the User page, select the "Roles" tab and "Edit"

2. Once On the roles page enter sn_incident in the search bar. Select incident write and move it to the User roles column on the right, then save. Setting this role will automatically assign all roles necessary for incident reports to be sent.

3. After the user is created, enter the Username and password on the Huntress Integration setup page and select "Add"

If the integration was set up correctly, there will be a green checkmark in the Status column for ServiceNow. If your connection was successful, congratulations! Huntress can now directly report incidents and remediation recommendations to your ServiceNow PSA. If your connection failed, select the pencil icon to edit your integration's settings. If you have any trouble getting this setup, don't hesitate to drop us an email.

When Huntress sends incidents to ServiceNow they will be put in the incidents under "Service Desk"