Send Azure service health alerts with ServiceNow using webhooks
Article
This article shows you how to integrate Azure service health alerts with ServiceNow using a webhook. After setting up webhook integration with your ServiceNow instance, you get alerts through your existing notification infrastructure when Azure service issues affect you. Every time an Azure Service Health alert fires, it calls a webhook through the ServiceNow Scripted REST API.
Creating a scripted REST API in ServiceNow
Make sure you have signed up for and are signed into your ServiceNow account.
Navigate to the System Web Services section in ServiceNow and select Scripted REST APIs.
Select New to create a new Scripted REST service.
Add a Name to your REST API and set the API ID to azureservicehealth.
Select Submit.
Select the REST API you created, and under the Resources tab select New.
Name your new resource event and change the HTTP method to POST.
In the Script section, add the following JavaScript code:
Note
You need to update the <secret>,<group>, and <email> value in the script below.
<secret> should be a random string, like a GUID
<group> should be the ServiceNow group you want to assign the incident to
<email> should be the specific person you want to assign the incident to (optional)
JavaScript
(functionprocess(/*RESTAPIRequest*/ request, /*RESTAPIResponse*/ response) {
var apiKey = request.queryParams['apiKey'];
var secret = '<secret>';
if (apiKey == secret) {
var event = request.body.data;
var responseBody = {};
if (event.data.context.activityLog.operationName == 'Microsoft.ServiceHealth/incident/action') {
var inc = new GlideRecord('incident');
var incidentExists = false;
inc.addQuery('number', event.data.context.activityLog.properties.trackingId);
inc.query();
if (inc.hasNext()) {
incidentExists = true;
inc.next();
} else {
inc.initialize();
}
var short_description = "Azure Service Health";
if (event.data.context.activityLog.properties.incidentType == "Incident") {
short_description += " - Service Issue - ";
} elseif (event.data.context.activityLog.properties.incidentType == "Maintenance") {
short_description += " - Planned Maintenance - ";
} elseif (event.data.context.activityLog.properties.incidentType == "Informational" || event.data.context.activityLog.properties.incidentType == "ActionRequired") {
short_description += " - Health Advisory - ";
}
short_description += event.data.context.activityLog.properties.title;
inc.short_description = short_description;
inc.description = event.data.context.activityLog.properties.communication;
inc.work_notes = "Impacted subscription: " + event.data.context.activityLog.subscriptionId;
if (incidentExists) {
if (event.data.context.activityLog.properties.stage == 'Active') {
inc.state = 2;
} elseif (event.data.context.activityLog.properties.stage == 'Resolved') {
inc.state = 6;
} elseif (event.data.context.activityLog.properties.stage == 'Closed') {
inc.state = 7;
}
inc.update();
responseBody.message = "Incident updated.";
} else {
inc.number = event.data.context.activityLog.properties.trackingId;
inc.state = 1;
inc.impact = 2;
inc.urgency = 2;
inc.priority = 2;
inc.assigned_to = '<email>';
inc.assignment_group.setDisplayValue('<group>');
var subscriptionId = event.data.context.activityLog.subscriptionId;
var comments = "Azure portal Link: https://app.azure.com/h";
comments += "/" + event.data.context.activityLog.properties.trackingId;
comments += "/" + subscriptionId.substring(0, 3) + subscriptionId.slice(-3);
var impactedServices = JSON.parse(event.data.context.activityLog.properties.impactedServices);
var impactedServicesFormatted = "";
for (var i = 0; i < impactedServices.length; i++) {
impactedServicesFormatted += impactedServices[i].ServiceName + ": ";
for (var j = 0; j < impactedServices[i].ImpactedRegions.length; j++) {
if (j != 0) {
impactedServicesFormatted += ", ";
}
impactedServicesFormatted += impactedServices[i].ImpactedRegions[j].RegionName;
}
impactedServicesFormatted += "\n";
}
comments += "\n\nImpacted Services:\n" + impactedServicesFormatted;
inc.comments = comments;
inc.insert();
responseBody.message = "Incident created.";
}
} else {
responseBody.message = "Hello from the other side!";
}
response.setBody(responseBody);
} else {
var unauthorized = new sn_ws_err.ServiceError();
unauthorized.setStatus(401);
unauthorized.setMessage('Invalid apiKey');
response.setError(unauthorized);
}
})(request, response);
In the security tab, uncheck Requires authentication and select Submit. The <secret> you set protects this API instead.
Back at the Scripted REST APIs section, you should find the Base API Path for your new REST API:
In this module, you learn how Azure Monitoring alerts proactively notifies you when Azure Monitor data indicates there might be a problem with your infrastructure or applications before the problem becomes one for your users.
Improve business processes for customer service functions, such as automatic case creation and queue management with Microsoft Dynamics 365 Customer Service.