Edge Delta data input configuration fields

Release version: Yokohama

Updated January 30, 2025

2 minutes to read

Summarize

Summarized using AI

Summary of Edge Delta data input configuration fields

This guide details the configuration fields required to set up an Edge Delta data input within ServiceNow. It explains the purpose and usage of each field on the Edge Delta data input configuration form, enabling customers to correctly stream log data to their ServiceNow instance for effective monitoring and root cause analysis.

Show full answer Show less

Key Configuration Fields

Data input name: The mandatory name identifying the new data input.
Description: Optional field to provide details about the data input.
Transport: Specifies the protocol used to stream log messages. Customers choose between:
- TCP: Preferred for high-volume log data. Requires specifying the MID Server and port. TLS/SSL is not supported with TCP. A corresponding TCP destination must be created in Edge Delta with matching MID Server host and port.
- HTTP: Suitable for smaller logs using RESTful APIs over HTTP or HTTPS. Requires specifying the MID Web Server, which auto-populates the MID Server and port fields. Secure connections use HTTPS if enabled on the MID Web Server. Authentication can be Basic or API Key, which must be included in the Authorization header. An HTTP destination with the correct Endpoint URL and headers must be created in Edge Delta.
MID Web Server: The MID Web Server streaming the log data, required for HTTP transport and auto-populates related fields.
MID Server: The server receiving the Edge Delta logs; mandatory for all transports.
Port: The listening port on the MID Server. Must be within the suggested range, not occupied by other processes, and opened by the organization's security team. Auto-populated for HTTP transport.
Service instance: Required field to bind the log data to a specific service instance. This linkage supports CMDB correlation for root cause analysis. If no relevant service instance exists, customers should create one, add CIs, and set its status to Operational.

Practical Considerations for ServiceNow Customers

Choose the transport protocol based on log volume and security requirements.
Ensure the MID Server and port configurations align with your network and security policies.
Properly configure authentication headers when using HTTP transport to ensure secure log transmission.
Bind logs to the appropriate service instance to leverage ServiceNow’s root cause analysis capabilities through HLA and CMDB correlations.
Coordinate with your security team to open necessary ports and validate the MID Server and MID Web Server setup.

Description of the fields on the Edge Delta data input configuration form.

Table 1. Edge Delta data input configuration form
Field	Description
Data input name	Name of the new data input. This field is required.
Description	Description of the data input.
Transport	The Edge Delta destination used for streaming log messages to the ServiceNow instance. The options are: TCP - Frequently used for handling large volumes of log data. If you select TCP, you must provide the MID Server and port. When choosing the TCP transport option, create a TCP destination in Edge Delta to send log data to the instance from any source, using the same MID Server host and port you have configured for the Edge Delta data input. Note: For TCP, TLS/SSL is not supported. HTTP: Frequently used for sending smaller logs via RESTful APIs, HTTP, or HTTPS for secure transmission. Note: For the HTTP protocol, authentication is used. If you select HTTP, you must provide the MID Web Server that is running on the MID Server. The system then populates the MID Server and port fields automatically, based on the provided MID Web Server. Depending on the MID Web Server configuration, you can send logs using either HTTP or HTTPS. If the Secure Connection check box on the MID Web Server extension form is clear, use HTTP. If it is selected, use HTTPS. For more information, see Event Management MID Web Server extension form. In addition, if the Authentication Type on the MID Web Server extension form is Basic, provide Basic authentication details in the Authorization header. If the Authentication Type is API Key, provide the key as “Key Api_Key". When choosing the HTTP transport option, create an HTTP destination in Edge Delta and enter the Endpoint URL in the following format: http://{MID_SERVER_IP}:{MID_WEB_SERVER_PORT}/api/mid/hla/raw. In Advanced Settings, create two headers to be attached to the HTTP request: An Authorization header with the MID Web Server API key value or basic credentials as MID Web Server configured. A Content-Type header named with the application/json value.
MID web server	The MID Web Server to which the log data is streamed.
MID server	The MID Server to which the Edge Delta logs are streamed. This field is required. If you selected HTTP in the Transport field, this field is populated automatically based on the selected MID Web Server.
Port	The port on the MID Server used for listening to logs. Choose a port within the suggested range from the array. In the case of TCP transport, the port must not be occupied by another process. Make sure that your organization’s security team opens the selected port. This field is required. If you selected HTTP in the Transport field, this field is populated automatically based on the selected MID Web Server.
Service instance	The service instance to which to bind the log data. This field is required. Choosing the service instance enables HLA to correlate CIs and service instances in the CMDB for root cause analysis. Note: If no relevant service instance exists, Create an service instance and add CIs to it. Set the status of the new service instance to Operational.