README.md

Author: trimbakeshmadhan-109

Core ServiceNow APIs/GlideJsonPath/Basic-Example/Creating a P1 Major Incident from an external monitoring system/README.md

@@ -0,0 +1,59 @@
+Create Critical P1 Incident from Alert
+This script provides the server-side logic for a Scripted REST API endpoint in ServiceNow. It allows external monitoring tools to send alert data via a POST request, which is then used to automatically create a high-priority, P1 incident.
+Overview
+The API endpoint performs the following actions:
+Receives a JSON Payload: Accepts a POST request containing a JSON payload with alert details (severity, description, source, CI).
+Parses Data: Uses the GlideJsonPath API to efficiently extract the necessary alert information from the JSON body.
+Validates Request: Ensures that the severity is CRITICAL and the description is present. It sends an appropriate error response for invalid or incomplete data.
+Creates Incident: If the data is valid, it creates a new incident record in the incident table.
+Sets Incident Fields: Automatically populates the incident's short_description, description, source, and sets the impact, urgency, and priority to 1 - High/Critical.
+Associates CI: If a ci_sys_id is provided in the payload, it links the incident to the correct Configuration Item.
+Logs Activity: Logs the successful creation of the incident in the system log for tracking and auditing purposes.
+Responds to Sender: Sends a JSON response back to the external system, confirming success or failure and providing the new incident's number and sys_id.
+Expected JSON payload
+The external system should send a POST request with a JSON body structured like this:
+json
+{
+    "alert": {
+        "severity": "CRITICAL",
+        "description": "The primary database server is down. Users are unable to log in.",
+        "source": "Dynatrace",
+        "configuration_item": "DB_Server_01",
+        "ci_sys_id": "a1b2c3d4e5f6g7h8i9j0k1l2m3n4o5p6" 
+    }
+}
+Use code with caution.
+
+Installation
+As a Scripted REST API Resource
+Create the Scripted REST API:
+Navigate to System Web Services > Scripted REST APIs.
+Click New and fill in the details:
+Name: CriticalAlertIncident
+API ID: critical_alert_incident
+Save the record.
+
+
+Create the Resource:
+On the Resources related list of the API record, click New.
+Name: PostCriticalIncident
+HTTP Method: POST
+Relative Path: /
+Copy and paste the provided script into the Script field.
+Configure Security:
+Ensure appropriate authentication is configured for the API, such as OAuth or Basic Auth, to secure the endpoint.
+Customization
+Change Priority/Impact: Modify the grIncident.setValue() lines to set different priority or impact levels based on the payload (e.g., if (severity == 'MAJOR') { grIncident.setValue('priority', 2); }).
+Add Additional Fields: Extend the script to parse and set other incident fields, such as assignment_group, caller_id, or category, based on data from the incoming payload.
+Enrich Incident Data: Perform a lookup on the CI to fetch additional information and add it to the incident description or other fields.
+Handle Different Severity Levels: Add if/else logic to handle different severity values (e.g., MAJOR, MINOR) from the source system, creating incidents with different priorities accordingly.
+
+Dependencies
+This script requires the GlideJsonPath API, which is available in Jakarta and later releases.
+The API endpoint must be secured with appropriate authentication to prevent unauthorized access.
+
+Considerations
+
+Security: This API endpoint is a powerful integration point. Ensure that it is properly secured and that only trusted sources are allowed to create incidents.
+Error Handling: The script includes robust error handling for common failures (missing data, insertion failure) but should be extended to handle specific use cases as needed.
+Testing: Thoroughly test the endpoint with a variety of payloads, including valid data, missing data, and invalid data, to ensure it behaves as expected.