Set up integrations from Integrations Launchpad

  • Release version: Yokohama
  • Updated January 30, 2025
  • 2 minutes to read
    • Summarize
    Summarized using AI
    This content was generated using new OpenAI-powered functionality. Results are provided on an as is basis and are not guaranteed to be accurate or complete.

    Summary of Set up integrations from Integrations Launchpad

    The Integrations Launchpad in Service Operations Workspace for ITOM provides a unified interface to configure integrations that bring raw log messages from external sources into your ServiceNow instance. This setup enables Health Log Analytics to process and analyze log data efficiently, supporting enhanced IT operations management.

    Show full answer Show less

    Pull Integrations

    Pull integrations retrieve log data from external sources and stream it into your instance through a MID Server. These connectors allow you to ingest logs from various platforms, facilitating centralized log analysis. Key pull integrations include:

    • Elasticsearch: Streams logs from Elasticsearch indices.
    • ServiceNow System Logs Retriever: Sends system log data to Health Log Analytics AI engine. Note that only one such data input can exist and requires admin privileges; it does not use a MID Server.
    • Apache Kafka: Streams logs from Kafka topics.
    • Splunk Poller: Periodically pulls log data from Splunk based on queries.
    • Amazon CloudWatch and Amazon S3: Streams logs from AWS CloudWatch and S3 buckets respectively.
    • Microsoft Azure Log Analytics: Connects to Azure Log Analytics to stream log data.
    • MID Server: Collects and streams log messages from the MID Server itself.

    Push Integrations

    Push integrations accept log data pushed from external sources directly into your instance via a MID Server. These allow real-time or near-real-time log streaming from various protocols and services. Key push integrations include:

    • UDP and TCP: Receive raw log messages over UDP or TCP/SSL sockets.
    • REST API: Accepts logs streamed in JSON format.
    • GCP PubSub: Receives logs published to Google Cloud Pub/Sub topics.
    • Splunk UDP and TCP: Streams logs using Splunk heavy forwarders over UDP or TCP.
    • Amazon Data Firehose: Streams logs directly to ITOM Gateway’s collector service for queuing and processing.
    • Vector Agent: Supports streaming of log messages via a Vector Agent into Health Log Analytics.

    Practical Benefits for ServiceNow Customers

    By leveraging these integrations, customers can centralize log data collection from diverse sources for comprehensive Health Log Analytics. This enables proactive monitoring, faster issue detection, and improved IT operations insights. The Launchpad simplifies setup and management of these integrations, ensuring streamlined connectivity and data flow into ServiceNow.

    Set up integrations for Health Log Analytics from the Event Management Integrations Launchpad in Service Operations Workspace for ITOM.

    Integrations Launchpad

    The Integrations Launchpad tool provides a unified interface for convenient integration with connectors that feed raw log messages from external sources into your ServiceNow instance for processing and analysis. For more information, see Integrations Launchpad in Service Operations Workspace for ITOM.

    Integrations for Health Log Analytics

    The Integrations Launchpad enables the following integrations for Health Log Analytics:

    Pull integrations
    These integrations pull log data from external data sources and stream the data to your instance via a MID Server. Select an integration in the table to open a page with the setup procedure.
    Table 1. Pull integrations
    Integration Description
    Elasticsearch Streams log data from Elasticsearch indices to your instance.
    ServiceNow System Logs Retriever Sends log data from the ServiceNow System Log table to the Health Log Analytics AI engine.
    Note:
    Only a single ServiceNow System Logs Retriever data input can exist in the system, and only users with the admin role can create and configure it. This data input doesn't run on a MID Server.
    Apache Kafka Streams log data from Apache Kafka to your instance.
    Splunk Poller Pulls log data from Splunk to your ServiceNow instance periodically by query.
    Amazon CloudWatch Streams log data from Amazon CloudWatch to your instance.
    Amazon S3 Streams log data from Amazon S3 (Simple Storage Service) buckets to your instance.
    Microsoft Azure Log Analytics Streams log data from Microsoft Azure Log Analytics to your instance. The connector points the Health Log Analytics AI engine to a data source in your Microsoft Azure Log Analytics account.
    MID Server Collects log messages from the MID Server and streams them to your instance.
    Push integrations
    These integrations connect to external data sources that push log data to your instance via a MID Server. Select an integration in the table to open a page with the setup procedure.
    Table 2. Push integrations
    Integration Description
    UDP Sends raw log messages to your instance directly over a UDP socket.
    TCP Sends raw log messages to your instance directly over a TCP/SSL socket.
    REST API Streams log data to your instance in JSON format.
    GCP PubSub Receives log messages that were published to a Google Cloud Pub/Sub topic and streams them to your instance.
    Splunk UDP Streams log messages to your ServiceNow instance over the UDP transport protocol using a Splunk heavy forwarder.
    Splunk TCP Streams log messages to your ServiceNow instance over the TCP transport protocol using a Splunk heavy forwarder.
    Amazon Data Firehose Streams log messages from Amazon Data Firehose directly to the collector service in ITOM Gateway, where it’s queued for Health Log Analytics processing.
    Vector Agent Enables Health Log Analytics to process log messages that are streaming into your instance via a Vector Agent.