Details
Content
Dependencies
Version History

Use The ServiceNow IT Service Management (ITSM) solution to modernize the way you manage and deliver services to your users.

Cortex XSOAR interfaces with ServiceNow to help streamline security-related service management and IT operations.

The data in ServiceNow tickets can be mirrored to Cortex XSOAR so that you can track the status and information in the task.
You can also provide comments or attachments in XSOAR which will appear in ServiceNow.

What does this pack do?

View, create, update, or delete a ServiceNow ticket directly from the Cortex XSOAR and enrich it with Cortex XSOAR data.
View, create, update, and delete records from any ServiceNow table.
Query ServiceNow data with the ServiceNow query syntax.

As part of this pack, you will also get 2 out-of-the-box layouts so that you can visualize ServiceNow ticket information in Cortex XSOAR.

The Create ServiceNow Ticket playbook provides an example for how to use the Mirror ServiceNow Ticket playbook to mirror data and ServiceNow Ticket State Polling sub-playbook to track when the ticket closes.

Pack Contributors:

Torbjørn Lium

Contributions are welcome and appreciated. For more info, visit our Contribution Guide.

Cortex XSIAM interfaces with ServiceNow to help streamline security-related service management and IT operations.

The data in ServiceNow tickets can be mirrored to Cortex XSIAM so that you can track the status and information in the task.
You can also provide comments or attachments in XSOAR which will appear in ServiceNow.

What does this pack do?

View, create, update, or delete a ServiceNow ticket directly from the Cortex XSIAM and enrich it with Cortex XSIAM data.
View, create, update, and delete records from any ServiceNow table.
Query ServiceNow data with the ServiceNow query syntax.

As part of this pack, you will also get 2 out-of-the-box layouts so that you can visualize ServiceNow ticket information in Cortex XSIAM.

Pack Contributors:

Torbjørn Lium

Contributions are welcome and appreciated. For more info, visit our Contribution Guide.

Automations

Name	Description
ServiceNowQueryIncident	This script is used to wrap the generic query-table command in ServiceNow. You can add fields that you want to use as inputs and outputs from the record as script arguments or in the code and work with the records easily.
ServiceNowUpdateIncident	This script is used to wrap the generic update-record command in ServiceNow. You can add fields that you want to update the record with as script arguments or in the code and work with the records easily.
ServiceNowIncidentStatus	populates the value of the ServiceNow Ticket State field and display it in a layout widget.
ServiceNowCreateIncident	This script is used to wrap the generic create-record command in ServiceNow. You can add fields that you want to create the record with as script arguments or in the code and work with the records easily.
ServiceNowAddComment	Use this script to add a comment or work note to a ServiceNow ticket. To be run within the incident.

Classifiers

Name	Description
ServiceNow Classifier	Classifies ServiceNow tickets.
ServiceNow Create Ticket - Incoming Mapper	Maps incoming ServiceNow incidents fields for ServiceNow create ticket and mirror playbook
ServiceNow - Incoming Mapper	Maps incoming ServiceNow incidents fields.
User Profile - ServiceNow (Incoming)	Maps a ServiceNow user data to a User Profile data.
ServiceNow Create Ticket - Outgoing Mapper	Maps outgoing ServiceNow incidents fields for ServiceNow create ticket and mirror playbook
ServiceNow - Outgoing Mapper	Maps outgoing ServiceNow incident Fields.
User Profile - ServiceNow (Outgoing)	Maps a User Profile data to a ServiceNow user data.

Incident Fields

Name	Description
ServiceNow Description	Ticket description
ServiceNow Resolution Notes	ServiceNow Resolution Notes
ServiceNow Caller ID	ServiceNow Caller who opened the ticket.
ServiceNow State	The ticket state
ServiceNow Severity	ServiceNow Severity
ServiceNow Category	ServiceNow Category
ServiceNow Attack Vector
ServiceNow Notify
ServiceNow Business Impact	ServiceNow ticket Business Impact
ServiceNow Impact	ServiceNow ticket Impact
ServiceNow SIR Category	ServiceNow SIR Category
ServiceNow Ticket Number	ServiceNow Ticket Number
ServiceNow Assignment Group	ServiceNow Assignment Group
ServiceNow Priority	ServiceNow Ticket Priority
ServiceNow Closed By	User who closed ServiceNow Incident
ServiceNow Assigned To	Ticket assignee
ServiceNow Caller	ServiceNow Caller who opened the ticket.
ServiceNow Resolution Code	Resolution Code Of ServiceNow Ticket
ServiceNow Ticket ID
ServiceNow Urgency	ServiceNow ticket urgency.
ServiceNow Closed Date	The ticket closed date
ServiceNow Opened Date	The ticket opened date
ServiceNow Escalation	ServiceNow Escalation
ServiceNow Due Date	ServiceNow Due Date
ServiceNow SIR State	The SIR ticket state
ServiceNow Resolved Time	The ticket resolved time

Incident Types

Name	Description
ServiceNow Create Ticket and Mirror
ServiceNow Ticket
ServiceNow SIR Incident

Integrations

Name	Description
ServiceNow IAM	Integrate with ServiceNow's services to execute CRUD operations for employee lifecycle processes.
ServiceNow v2	Use The ServiceNow IT Service Management (ITSM) solution to modernize the way you manage and deliver services to your users.
ServiceNow CMDB	ServiceNow CMDB is a service‑centric foundation that proactively analyzes service‑impacting changes, identifies issues, and eliminates outages.
ServiceNow (Deprecated)	Deprecated. Use the ServiceNow v2 integration instead.

Layouts

Name	Description
ServiceNow SIR Incident
ServiceNow Create Ticket and Mirror
ServiceNow Ticket

Playbooks

Name	Description
Create ServiceNow Ticket	Create ServiceNow Ticket allows you to open new tickets as a task from a parent playbook. When creating the ticket, you can decide to update based on on the ticket's state, which will wait for the ticket to resolve or close with StatePolling. Alternatively, you can select to mirror the ServiceNow ticket and incident fields. To apply either of these options, set the SyncTicket value in the playbook inputs to one of the following options: StatePolling Mirror Leave Blank to use none.
ServiceNow Ticket State Polling	Use ServiceNow Incident State Polling as a sub-playbook when required to pause the execution of a master playbook until the ServiceNow ticket state is either resolved or closed. This playbook implements polling by continuously running the servicenow-get-ticket command until the state is either resolved or closed.
ServiceNow CMDB Search	Subplaybook for finding CI records in ServiceNow CMDB.
Mirror ServiceNow Ticket	Mirror ServiceNow Ticket is designed to serve as a sub-playbook, which enables ticket mirroring with ServiceNow. It enables you to manage ServiceNow tickets in Cortex xSOAR while data is continuously synced between ServiceNow and Cortex xSOAR, including ServiceNow schema, fields, comments, work notes, and attachments. To enable OOTB mirroring, use the ServiceNow Create ticket - common mappers for incoming and outgoing mirroring. FieldPolling - You can the FieldPolling value to true if you only want to be informed when the ticket is resolved or closed. If FieldPolling is set to true, the FieldPolling Playbook will poll for the state(ServiceNow State field) of the ServiceNow ticket until it marks as either resolved or closed. In Addition to the playbook, we recommend that you use the included layout for ServiceNow Ticket, which helps visualize ServiceNow ticket information in Cortex xSOAR. You can add the new layout as a tab to existing layouts using the Edit Layout page.
ServiceNow - Ticket Management	`ServiceNow - Ticket Management` allows you to open a new ticket or comment on an existing ticket.

Automations

Name	Description
ServiceNowIncidentStatus	populates the value of the ServiceNow Ticket State field and display it in a layout widget.
ServiceNowUpdateIncident	This script is used to wrap the generic update-record command in ServiceNow. You can add fields that you want to update the record with as script arguments or in the code and work with the records easily.
ServiceNowQueryIncident	This script is used to wrap the generic query-table command in ServiceNow. You can add fields that you want to use as inputs and outputs from the record as script arguments or in the code and work with the records easily.
ServiceNowCreateIncident	This script is used to wrap the generic create-record command in ServiceNow. You can add fields that you want to create the record with as script arguments or in the code and work with the records easily.
ServiceNowAddComment	Use this script to add a comment or work note to a ServiceNow ticket. To be run within the incident.

Classifiers

Name	Description
ServiceNow Classifier	Classifies ServiceNow tickets.
ServiceNow - Incoming Mapper	Maps incoming ServiceNow incidents fields.
ServiceNow Create Ticket - Incoming Mapper	Maps incoming ServiceNow incidents fields for ServiceNow create ticket and mirror playbook
User Profile - ServiceNow (Outgoing)	Maps a User Profile data to a ServiceNow user data.
ServiceNow Create Ticket - Outgoing Mapper	Maps outgoing ServiceNow incidents fields for ServiceNow create ticket and mirror playbook
ServiceNow - Outgoing Mapper	Maps outgoing ServiceNow incident Fields.
User Profile - ServiceNow (Incoming)	Maps a ServiceNow user data to a User Profile data.

Incident Fields

Name	Description
ServiceNow Due Date	ServiceNow Due Date
ServiceNow Notify
ServiceNow Assignment Group	ServiceNow Assignment Group
ServiceNow Assigned To	Ticket assignee
ServiceNow SIR Category	ServiceNow SIR Category
ServiceNow Severity	ServiceNow Severity
ServiceNow Resolved Time	The ticket resolved time
ServiceNow Caller	ServiceNow Caller who opened the ticket.
ServiceNow Closed By	User who closed ServiceNow Incident
ServiceNow Resolution Code	Resolution Code Of ServiceNow Ticket
ServiceNow Caller ID	ServiceNow Caller who opened the ticket.
ServiceNow Resolution Notes	ServiceNow Resolution Notes
ServiceNow SIR State	The SIR ticket state
ServiceNow Escalation	ServiceNow Escalation
ServiceNow Impact	ServiceNow ticket Impact
ServiceNow Ticket Number	ServiceNow Ticket Number
ServiceNow Urgency	ServiceNow ticket urgency.
ServiceNow Closed Date	The ticket closed date
ServiceNow Description	Ticket description
ServiceNow Priority	ServiceNow Ticket Priority
ServiceNow Business Impact	ServiceNow ticket Business Impact
ServiceNow Attack Vector
ServiceNow Ticket ID
ServiceNow State	The ticket state

Incident Types

Name	Description
ServiceNow SIR Incident
ServiceNow Create Ticket and Mirror
ServiceNow Ticket

Integrations

Name	Description
ServiceNow IAM	Integrate with ServiceNow's services to execute CRUD operations for employee lifecycle processes.
ServiceNow Event Collector	Use this integration to fetch audit logs from ServiceNow as Cortex XSIAM events.
ServiceNow v2	Use The ServiceNow IT Service Management (ITSM) solution to modernize the way you manage and deliver services to your users.
ServiceNow (Deprecated)	Deprecated. Use the ServiceNow v2 integration instead.
ServiceNow CMDB	ServiceNow CMDB is a service‑centric foundation that proactively analyzes service‑impacting changes, identifies issues, and eliminates outages.

Modeling Rules

Name	Description
ServiceNow ServiceNow Modeling Rule

Playbooks

Name	Description
ServiceNow Ticket State Polling	Use ServiceNow Alert State Polling as a sub-playbook when required to pause the execution of a master playbook until the ServiceNow ticket state is either resolved or closed. This playbook implements polling by continuously running the servicenow-get-ticket command until the state is either resolved or closed.
ServiceNow CMDB Search	Subplaybook for finding CI records in ServiceNow CMDB.
Create ServiceNow Ticket	Create ServiceNow Ticket allows you to open new tickets as a task from a parent playbook. When creating the ticket, you can decide to update based on on the ticket's state, which will wait for the ticket to resolve or close with StatePolling. Alternatively, you can select to mirror the ServiceNow ticket and alert fields. To apply either of these options, set the SyncTicket value in the playbook inputs to one of the following options: StatePolling Mirror Leave Blank to use none.
ServiceNow - Ticket Management	`ServiceNow - Ticket Management` allows you to open a new ticket or comment on an existing ticket.
Mirror ServiceNow Ticket	Mirror ServiceNow Ticket is designed to serve as a sub-playbook, which enables ticket mirroring with ServiceNow. It enables you to manage ServiceNow tickets in Cortex XSIAM while data is continuously synced between ServiceNow and Cortex XSIAM, including ServiceNow schema, fields, comments, work notes, and attachments. To enable OOTB mirroring, use the ServiceNow Create ticket - common mappers for incoming and outgoing mirroring. FieldPolling - You can the FieldPolling value to true if you only want to be informed when the ticket is resolved or closed. If FieldPolling is set to true, the FieldPolling Playbook will poll for the state(ServiceNow State field) of the ServiceNow ticket until it marks as either resolved or closed. In Addition to the playbook, we recommend that you use the included layout for ServiceNow Ticket, which helps visualize ServiceNow ticket information in Cortex XSIAM. You can add the new layout as a tab to existing layouts using the Edit Layout page.

Required Content Packs (4)

Pack Name	Pack By
Base	By: Cortex XSOAR
Common Playbooks	By: Cortex XSOAR
Common Scripts	By: Cortex XSOAR
Filters And Transformers	By: Cortex XSOAR

Optional Content Packs (1)

Pack Name	Pack By
Common Types	By: Cortex XSOAR

All level dependencies (6)

Pack Name	Pack By
Common Scripts	By: Cortex XSOAR
Rasterize	By: Cortex XSOAR
Base	By: Cortex XSOAR
Filters And Transformers	By: Cortex XSOAR
Common Playbooks	By: Cortex XSOAR
Cortex REST API	By: Cortex XSOAR

2.6.1 - R958204 (April 15, 2024)

Integrations

ServiceNow v2

Fixed an issue in servicenow-update-ticket, where ticket_type had an interfering default value.

Related pull requests:
- 33840

Download

2.6.0 - 951066 (April 11, 2024)

Changes are not relevant for XSOAR marketplace.

Related pull requests:
- 33614

Download

2.5.65 - 941102 (April 8, 2024)

Integrations

ServiceNow v2

Added the Mirror Existing Notes For New Fetched Incidents parameter to support for mirroring ticket notes.

Related pull requests:
- 33761

Download

2.5.64 - 924992 (March 31, 2024)

Integrations

ServiceNow v2

Added support for Servicenow annotation of AM/PM.

Related pull requests:
- 33480

Download

2.5.63 - 923607 (March 31, 2024)

Integrations

ServiceNow v2

Fixed an issue where the default ticket_type was not taken from the instance configuration.
Updated the Docker image to: demisto/python3:3.10.14.90585.

Scripts

ServiceNowAddComment

Fixed an issue where the default ticket_type was not taken from the instance configuration.
Updated the Docker image to: demisto/python3:3.10.14.90585.

Related pull requests:
- 33524

Download

2.5.62 - 913451 (March 25, 2024)

Integrations

ServiceNow CMDB

Maintenance and stability enhancements.
Updated the Docker image to: demisto/python3:3.10.13.89873.

ServiceNow IAM

Maintenance and stability enhancements.
Updated the Docker image to: demisto/python3:3.10.13.89873.

Related pull requests:
- 31905

Download

2.5.61 - 909962 (March 24, 2024)

Integrations

ServiceNow v2

Added a new command servicenow-delete-file to delete attachment file from a ticket.

Related pull requests:
- 33365

Download

2.5.60 - 897231 (March 18, 2024)

Integrations

ServiceNow v2

Fixed an issue where the get-remote-data (mirroring) command was not returning the display values for all fields when the Use display values option was enabled.
Updated the Docker image to: demisto/python3:3.10.13.89009.

Mappers

ServiceNow - Incoming Mapper

Fixed an issue in the ServiceNow incoming mapper where the severity field was not being mapped correctly from ServiceNow.

Related pull requests:
- 33341

Download

2.5.59 - 891799 (March 14, 2024)

Integrations

ServiceNow v2

Fixed an issue where the default value of table_name was not taken from the instance configuration.

Scripts

ServiceNowAddComment

Fixed an issue where the default value of table_name was not taken from the instance configuration.
Updated the Docker image to: demisto/python3:3.10.13.89009.

Related pull requests:
- 33228

Download

2.5.58 - 890229 (March 14, 2024)

Integrations

ServiceNow v2

Added the add_as_entry argument to the servicenow-get-ticket-notes command to optionally add ticket notes and work notes as notes in the War Room.
Updated the Docker image to: demisto/python3:3.10.13.89009.

Related pull requests:
- 33319

Download

2.5.57 - 867923 (March 4, 2024)

Integrations

ServiceNow v2

Added support for a new time format: mmm-dd-yyyy i.e., Dec-07-2022 00:38:52.

Related pull requests:
- 33124

Download

2.5.56 - 865942 (March 4, 2024)

Integrations

ServiceNow v2

Fixed an issue where the Instance Date Format was not properly set for the fetch incidents.
Updated the Docker image to: demisto/python3:3.10.13.88772.

Related pull requests:
- 33058

Download

2.5.55 - 846375 (February 22, 2024)

Integrations

ServiceNow v2

Fixed an issue where mirroring did not update fields that were updated before adding the mirroring fields to the incident.

Related pull requests:
- 33065

Download

2.5.54 - 841209 (February 20, 2024)

Integrations

ServiceNow v2

Fixed an issue where the servicenow-upload-file command failed in case the file name contained invalid characters.
Updated the Docker image to: demisto/python3:3.10.13.87159.

Related pull requests:
- 32990

Download

2.5.53 - 836299 (February 18, 2024)

Scripts

ServiceNowIncidentStatus

Updated the Docker image to: demisto/python3:3.10.13.86272.

Related pull requests:
- 32446

Download

2.5.52 - R828628 (February 14, 2024)

Integrations

ServiceNow v2

Added the argument force_default_url to the command servicenow-create-co-from-template, which will ignore the api version configured in the instance configuration when set to true.
Updated the Docker image to: demisto/python3:3.10.13.86272.

Related pull requests:
- 32505

Download

2.5.51 - 784509 (January 25, 2024)

Integrations

ServiceNow v2

Fixed an issue where the Use Display Value parameter would not be used while fetching incidents.
Updated the Docker image to: demisto/python3:3.10.13.85667.

Related pull requests:
- 32372

Download

2.5.50 - 778227 (January 22, 2024)

ServiceNow

Locked dependencies of the pack to ensure stability for versioned core packs. No changes in this release.

Related pull requests:
- 32331

Download

2.5.49 - 741559 (January 4, 2024)

Integrations

ServiceNow v2

Fixed an issue where in some cases the incoming mirroring delete the assigned user when the update times weren't synced.

Related pull requests:
- 31351

Download

2.5.48 - 7187156 (December 17, 2023)

Integrations

ServiceNow v2

Fixed an issue with the outgoing mirroring functionality where newly created tickets were incorrectly closed.
Updated the Docker image to: demisto/python3:3.10.13.83255.

Related pull requests:
- 31194

Download

2.5.47 - 7153835 (December 13, 2023)

Scripts

ServiceNowUpdateIncident

Updated the Docker image to: demisto/python3:3.10.13.83255.

ServiceNowQueryIncident

Updated the Docker image to: demisto/python3:3.10.13.83255.

ServiceNowCreateIncident

Updated the Docker image to: demisto/python3:3.10.13.83255.

ServiceNowAddComment

Updated the Docker image to: demisto/python3:3.10.13.83255.

Related pull requests:
- 31439

Download

2.5.46 - 6906425 (November 16, 2023)

Integrations

ServiceNow v2

Prettify HTML entries synced to ServiceNow.

Related pull requests:
- 30923
- 30895

Download

2.5.45 - 6840235 (November 9, 2023)

Integrations

ServiceNow v2

Updated the Docker image to: demisto/python3:3.10.13.80014.
Added the Mirrored XSOAR Ticket custom close resolution code parameter, which allows you to define the custom ServiceNow resolution codes that correspond to the Cortex XSOAR incident custom close reasons defined in the server configuration.

Related pull requests:
- 30599

Download

2.5.44 - 6738192 (October 29, 2023)

Integrations

ServiceNow v2

Updated the Docker image to: demisto/python3:3.10.13.78960.
Added the date format MM/dd/yyyy to the Instance Date Format drop-down parameter.

Related pull requests:
- 30377

Download

2.5.43 - 6636841 (October 18, 2023)

Integrations

ServiceNow v2

Updated the Docker image to: demisto/python3:3.10.13.75921.
Added the argument custom_api to the servicenow-generic-api-call command. This makes it possible to send requests to ServiceNow Scripted REST APIs.

Related pull requests:
- 30171
- 30016

Download

2.5.42 - R6592021 (October 13, 2023)

Integrations

ServiceNow v2

Updated the Docker image to: demisto/python3:3.10.13.74666.
Fixed an issue in the mirror-out functionality where tickets with types other than incident were not being closed properly. The integration will now correctly close mirrored tickets regardless of ticket type.

Related pull requests:
- 29636

Download

2.5.41 - R6303396 (September 12, 2023)

ServiceNow

Locked dependencies of the pack to ensure stability for versioned core packs. No changes in this release.

Related pull requests:
- 29466

Download

2.5.40 - 6253250 (September 6, 2023)

Integrations

ServiceNow IAM

Updated the Docker image to: demisto/python3:3.10.13.72123.

ServiceNow CMDB

Updated the Docker image to: demisto/python3:3.10.13.72123.

ServiceNow v2

Fixed an issue where getting attachments and the mirror-in functionality would fail when using the v2 api version.

Related pull requests:
- 29433

Download

2.5.38 - 6226805 (September 3, 2023)

Integrations

ServiceNow v2

Added a default value for a note entry when mirroring-in incidents.
Updated the Docker image to: demisto/python3:3.10.13.72123.

Related pull requests:
- 28970

Download

2.5.37 - 6133197 (August 23, 2023)

Integrations

ServiceNow IAM

Updated the Docker image to: demisto/python3:3.10.12.68714.

ServiceNow v2

Updated the Docker image to: demisto/python3:3.10.12.68714.

ServiceNow CMDB

Updated the Docker image to: demisto/python3:3.10.12.68714.

Related pull requests:
- 29157

Download

2.5.36 - 5969979 (August 6, 2023)

ServiceNow

Locked dependencies of the pack to ensure stability for versioned core packs. No changes in this release.

Related pull requests:
- 28753

Download

2.5.35 - 5929869 (August 1, 2023)

Playbooks

ServiceNow Ticket State Polling

Fixed an issue in the dt input.

Related pull requests:
- 28653

Download

2.5.34 - 5876761 (July 26, 2023)

Integrations

ServiceNow IAM

Updated the Docker image to: demisto/python3:3.10.12.66339.

ServiceNow v2

Updated the Docker image to: demisto/python3:3.10.12.66339.

ServiceNow CMDB

Updated the Docker image to: demisto/python3:3.10.12.66339.

Related pull requests:
- 28510

Download

2.5.33 - R5866730 (July 25, 2023)

Scripts

ServiceNowUpdateIncident

Updated the Docker image to: demisto/python3:3.10.12.63474.

ServiceNowQueryIncident

Updated the Docker image to: demisto/python3:3.10.12.63474.

ServiceNowCreateIncident

Updated the Docker image to: demisto/python3:3.10.12.63474.

ServiceNowAddComment

Updated the Docker image to: demisto/python3:3.10.12.63474.

ServiceNowIncidentStatus

Updated the Docker image to: demisto/python3:3.10.12.63474.

Related pull requests:
- 27997

Download

2.5.32 - R5692327 (July 5, 2023)

Integrations

ServiceNow CMDB

Updated the Docker image to: demisto/python3:3.10.12.63474.

Related pull requests:
- 27820

Download

2.5.31 - 5649943 (June 29, 2023)

Integrations

ServiceNow IAM

Updated the Docker image to: demisto/python3:3.10.12.63474.

ServiceNow v2

Updated the Docker image to: demisto/python3:3.10.12.63474.

Related pull requests:
- 27802

Download

2.5.30 - 5574470 (June 20, 2023)

Mappers

ServiceNow - Incoming Mapper

Fixed an issue where the incident field ServiceNow State would sometimes hold a concatenation of strings if the incident's state had two digits or more, and held the values 1,2,3,6,7,8.

Related pull requests:
- 27479

Download

2.5.29 - 5564339 (June 19, 2023)

Playbooks

ServiceNow - Ticket Management

Added input serviceNowAssignmentGroup - This input determines the group to which to assign the new ticket.

Related pull requests:
- 27546

Download

2.5.28 - 5540680 (June 15, 2023)

Playbooks

New: ServiceNow - Ticket Management

New: ServiceNow - Ticket Management allows you to open new tickets or update comments to the existing ticket using the playbook's tasks. (Available from Cortex XSOAR 6.8.0).

Related pull requests:
- 27451

Download

2.5.27 - 5498982 (June 11, 2023)

Integrations

ServiceNow v2

Added support for fetch logs.
Updated the Docker image to: demisto/python3:3.10.12.62631.

Related pull requests:
- 27124

Download

2.5.26 - 5476421 (June 8, 2023)

Integrations

ServiceNow v2

Fixed an issue where incidents would automatically close when the Mirrored XSOAR Ticket custom close state code parameter was set, even when they shouldn't have been closed.
Updated the Docker image to: demisto/python3:3.10.11.61265.

Related pull requests:
- 27288

Download

2.5.25 - R5450895 (June 5, 2023)

Integrations

ServiceNow v2

Fixed an issue in update-remote-data command where files mirrored from ServiceNow would be mirrored again from XSOAR to ServiceNow.

Related pull requests:
- 27117

Download

2.5.24 - 5394642 (May 29, 2023)

Integrations

ServiceNow v2

Fixed an issue where the servicenow-get-ticket-notes command would fail on tickets with notes that contain two or more new lines.

Related pull requests:
- 26466

Download

2.5.23 - 5356324 (May 24, 2023)

Integrations

ServiceNow v2

Fixed an issue where in some cases 404 error code wasn't handled correctly.
Updated the Docker image to: demisto/python3:3.10.11.61265.

Related pull requests:
- 26941

Download

2.5.22 - 5318720 (May 21, 2023)

Scripts

ServiceNowCreateIncident

Added the skipprepare attribute to prevent scripts and tasks containing the word incident from being replaced with the word alert.
Updated the Docker image to: demisto/python3:3.10.11.58677.

ServiceNowIncidentStatus

Added the skipprepare attribute to prevent scripts and tasks containing the word incident from being replaced with the word alert.
Updated the Docker image to: demisto/python3:3.10.11.58677.

ServiceNowQueryIncident

Added the skipprepare attribute to prevent scripts and tasks containing the word incident from being replaced with the word alert.
Updated the Docker image to: demisto/python3:3.10.11.58677.

ServiceNowUpdateIncident

Added the skipprepare attribute to prevent scripts and tasks containing the word incident from being replaced with the word alert.
Updated the Docker image to: demisto/python3:3.10.11.58677.

Related pull requests:
- 26365

Download

2.5.21 - 5299536 (May 18, 2023)

Integrations

ServiceNow CMDB

Updated the Docker image to: demisto/python3:3.10.11.59070.

ServiceNow IAM

Updated the Docker image to: demisto/python3:3.10.11.59070.

ServiceNow v2

Updated the Docker image to: demisto/python3:3.10.11.59070.

Related pull requests:
- 26612

Download

2.5.20 - R5170573 (May 2, 2023)

Integrations

ServiceNow v2

Fixed an issue where fetch-incidents filter out incidents due to wrong id in the last run.

Related pull requests:
- 26097

Download

2.5.19 - 5117210 (April 25, 2023)

Integrations

ServiceNow CMDB

Updated the Docker image to: demisto/python3:3.10.11.55362.

ServiceNow IAM

Updated the Docker image to: demisto/python3:3.10.11.55362.

ServiceNow v2

Updated the Docker image to: demisto/python3:3.10.11.55362.

Related pull requests:
- 26084

Download

PUBLISHER

Cortex

PLATFORMS

Cortex XSOARCortex XSIAM

INFO

Certification	Certified	Read more
Supported By	Cortex
Created	July 7, 2020
Last Release	April 15, 2024

WORKS WITH THE FOLLOWING INTEGRATIONS:

DISCLAIMER

Content packs are licensed by the Publisher identified above and subject to the Publisher’s own licensing terms. Palo Alto Networks is not liable for and does not warrant or support any content pack produced by a third-party Publisher, whether or not such packs are designated as “Palo Alto Networks-certified” or otherwise. For more information, see the Marketplace documentation.