Skip to content

ServiceNowGenericFeed #43756

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
kamalq97 merged 3 commits into from
Apr 20, 2026
Merged

ServiceNowGenericFeed #43756

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
3 commits
Select commit Hold shift + click to select a range
7572df6
ServiceNowGenericFeed
4nshumaan Apr 1, 2026
a8a07c6
updated code to include changes
4nshumaan Apr 14, 2026
aa06a25
updated code to lefover changes
4nshumaan Apr 14, 2026
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
Empty file added Packs/ServiceNowGenericFeed/.pack-ignore
View file
Open in desktop
Empty file.
Empty file added Packs/ServiceNowGenericFeed/.secrets-ignore
View file
Open in desktop
Empty file.
Empty file added Packs/ServiceNowGenericFeed/Author_image.png
View file
Open in desktop
Loading
Sorry, something went wrong. Reload?
Sorry, we cannot display this file.
Sorry, this file is invalid so it cannot be displayed.
3 changes: 3 additions & 0 deletions Packs/ServiceNowGenericFeed/CONTRIBUTORS.json
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,3 @@
[
"Anshumaan Mishra"
]
47 changes: 47 additions & 0 deletions Packs/ServiceNowGenericFeed/Integrations/ServiceNowGenericFeed/README.md
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,47 @@
This is a feed integration for extracting indicators from ServiceNow
This integration was integrated and tested with version xx of ServiceNowGenericFeed.

## Configure ServiceNowGenericFeed in Cortex

| **Parameter** | **Description** | **Required** |
| --- | --- | --- |
| Server URL | The format should be https://company.service-now.com/ | True |
| Use OAuth Login | Select this checkbox if to use OAuth 2.0 authentication. See \(?\) for more information. | False |
| Use JWT Authentication | Select this checkbox to use JWT authentication. See \(?\) for more information. | False |
| Password | | True |
| Source Reliability | Reliability of the source providing the intelligence data. | False |
| Trust any certificate (not secure) | | False |
| Use system proxy settings | | False |
| Fetch indicators | | True |
| Indicator Verdict | Indicators from this integration instance will be marked with this verdict | False |
| Source Reliability | Reliability of the source providing the intelligence data | True |
| Feed Expiration Policy | | False |
| Feed Fetch Interval | | False |
| Bypass exclusion list | When selected, the exclusion list is ignored for indicators from this feed. This means that if an indicator from this feed is on the exclusion list, the indicator might still be added to the system. | False |
| Tags | The tag applied to the indicator when being forwarded into the TIM | False |
| Query URL | The API route of the requested information in ServiceNow | True |
| Indicator Field | The field needed from the ServiceNow response which contains the indicator value | True |

## Commands

You can execute these commands from the CLI, as part of an automation, or in a playbook.
After you successfully execute a command, a DBot message appears in the War Room with the command details.

### snow-get-indicators

***
retrieve indicators from ServiceNow

#### Base Command

`snow-get-indicators`

#### Input

| **Argument Name** | **Description** | **Required** |
| --- | --- | --- |
| limit | The number of indicators that can be returned. Default is 1. | Optional |

#### Context Output

There is no context output for this command.
Loading
Loading