TCP integration configuration fields

  • Release version: Yokohama
  • Updated July 31, 2025
  • 2 minutes to read
    • Summarize
    Summarized using AI
    This content was generated using new OpenAI-powered functionality. Results are provided on an as is basis and are not guaranteed to be accurate or complete.

    Summary of TCP Integration Configuration Fields

    The TCP integration configuration for Health Log Analytics allows ServiceNow customers to set up and manage log data ingestion effectively. This integration is essential for streaming logs to a ServiceNow instance via TCP protocol, ensuring smooth data flow and analysis.

    Show full answer Show less

    Key Features

    • Integration Name: A unique identifier for the integration, required for configuration.
    • MID Server Name: Specifies the MID Server for log streaming; only those with log ingestion capabilities are listed.
    • Port: A unique port number for the MID Server that must be opened by the organization's security team.
    • Service Instance: Required binding of log data to a specific service instance.
    • Transport: Indicates the use of TCP for log message streaming (read-only).
    • Description: Optional field for a brief explanation of the integration.

    Advanced Settings

    • Use SSL/TLS: Option to enable secure communication.
    • Lookup Hostnames: Enables DNS resolution of IPs to hostnames.
    • Thread Counts: Configurable counts for boss and worker threads managing connections and data handling.
    • Read Timeout Seconds: Sets the time zone for logs that lack a specified time zone, defaulting to GMT.
    • Default Timezone: Specifies the default time zone for events.
    • Sub Sample Ratios: Control the ratio of events to drop or receive.
    • Max Length in Bytes: Defines the maximum allowable size of log messages.
    • Character Encoding: Sets the character encoding for the data input.
    • Drop if Queue is Full: Option to discard logs when MID Server load is high.
    • Line Breaker Delimiters: Defines delimiters for separating log lines, formatted as a comma followed by a space.

    Key Outcomes

    By configuring the TCP integration correctly, ServiceNow customers can ensure efficient and secure log data management, enabling better monitoring, analysis, and response for their IT operations. Proper configuration supports optimal performance and reliability of log ingestion processes.

    Description of the fields on the TCP integration configuration forms for Health Log Analytics.

    For the TCP integration setup procedure, see Set up a TCP integration for Health Log Analytics.

    Table 1. Provide details tab
    Field Description
    Integration Name Unique name of this integration. For example: My TCP integration. This field is required.
    Note:
    When you fill in this field, the generic name displayed on the form adjusts automatically to match the name you entered.
    MID server name The MID Server to which the logs are streamed. This field is required.
    • You can select only MID Servers with log ingestion capability that support basic authentication. MID Servers that support mTLS are not listed.
    • The default maximum number of data inputs streaming logs to a single MID Server is 10. You can modify this number in the MID Server properties.
    Port The port for the MID Server. This field is required.

    Select a unique port from the array. The placeholder shows the range of ports from which to choose. Make sure that your organization’s security team opens the selected port.
    Service instance The service instance to which to bind the log data. This field is required.
    Transport The protocol used for streaming log messages to your ServiceNow instance: TCP. This field is read-only.
    Description Option to add a brief description of the integration to help identify it.
    Table 2. Advanced settings
    Field Description
    Use SSL/TLS Option to use SSL/TLS.
    Lookup hostnames Option to perform DNS lookup to resolve IPs to hostnames.
    Boss thread count The number of threads that manage connections.
    Worker thread count The number of threads that handle incoming data.
    Read timeout seconds The time zone of events that the system will use if a log does not specify the time zone.

    By default, the system uses GMT in such cases, but you can specify a different time zone.
    Default timezone The default time zone of events. The system uses this default when the log does not specify a time zone.
    Sub sample drop ratio The ratio of events to drop.
    Sub sample receive ratio The ratio of events to receive.
    Max length in bytes The maximum length of log messages in bytes.
    Character encoding The character encoding for this data input.
    Drop if queue is full Option to discard logs if there is a load on the MID Server.
    Line breaker delimiters The line break character separating the raw log lines.

    Splitting values must be separated by a comma followed by a space: ", ". For example: "\r, \n, , splitHere, #".