Menu
Documentationbreadcrumb arrow Pluginsbreadcrumb arrow ServiceNow data source for Grafana

ServiceNow data source for Grafana

The ServiceNow data source plugin allows you to query and visualize data from ServiceNow within Grafana.

Requirements

This plugin has the following requirements:

  • A ServiceNow user with access to the necessary tables
  • One of the following account types:
    • Grafana Cloud: Pro customers, Advanced customers, or Pro trial users with the Enterprise plugin add-on enabled
    • Grafana Enterprise: Customers with an activated license and a user with Grafana server or organization administration permissions
  • The Enterprise plugin add-on enabled

Install the ServiceNow data source plugin

To install the data source, refer to Installation

Configure ServiceNow

We recommend creating a new user for Grafana or using a service user.

NOTE If using the Use Sys Tables option, the ServiceNow user provided requires access to the following tables:

TableReason
sys_db_objectUsed to retrieve a list of available tables to query.
sys_dictionaryUsed to retrieve the list of fields when querying a table.
sys_choiceUsed to retrieve the list of choices when filtering table results using a choice field.
sys_glide_objectUsed to collect information about data types including names, base types, and so on.
incidentUsed in the healthcheck to validate the Table API and the Aggregate API are functioning

It is recommended that the user being used only has access to the necessary tables. If the user has access to too many tables, then you may encounter performance issues in the query editor. Also please note that disabling the Use Sys Tables option will cause the plugin to NOT query the sys tables, take that into consideration when disabling the option in case you do need access to query those tables with the plugin.

Servicenow user account can be configured with the following steps

The following is only necessary when using the “Sys Tables” option to fetch schema and metadata ( in the datasource settings )

  1. Elevate admin user to security admin to perform the following actions.
  2. Create a Role called grafana_reader_role. This can be anything.
  3. Create a User called grafana_user_1. This can be anything as well.
  4. Assign the below roles to the above user grafana_user_1 or whatever you created in step 3.
    • grafana_reader_role OR whatever you created in step 2.
  5. Create ACL rules which provide following permissions to the above role. To perform the following actions, admin user needed to be elevated to security admin.
    • read access to sys_db_object table
    • read access to sys_db_object.name field
    • read access to sys_db_object.label field
    • read access to sys_db_object.sys_name ( In ACL editor, it will be shown as Table[sys_db_object] => Display Name)
    • read access to sys_db_object.super_class ( In ACL editor, it will be shown as Table[sys_db_object] => Extends Table )
    • read access to sys_dictionary table
    • read access to sys_dictionary.* fields
    • read access to sys_choice table
    • read access to sys_choice.* fields
    • read access to sys_glide_object table
    • read access to sys_glide_object.* fields
  6. Provide read access to incident table. To perform this actions, admin user needed to be elevated to security admin.
  7. Repeat step 6 for the remaining table which the user need to read the data from.

Developer instance

To create and set up a developer instance of ServiceNow, go to the ServiceNow Developer page to create an account.

Configure the data source in Grafana

Add a data source by filling in the following fields:

Authentication Fields

NameDescription
URLURL of the ServiceNow instance.
UsernameUsername of the ServiceNow account
PasswordPassword of the ServiceNow account
Client IDOAuth Client ID of the ServiceNow account
Client SecretOAuth Client Secret of the ServiceNow account

Configure the data source with provisioning

It is possible to configure data sources using config files with Grafana’s provisioning system. You can read more about how it works and all the settings you can set for data sources on the provisioning docs page

yml
apiVersion: 1
datasources:
  - name: ServiceNow
    type: servicenow-datasource
    enabled: true
    access: proxy
    url: https://dev59952.service-now.com
    basicAuthUser: ADD_YOUR_USER_HERE
    jsonData:
      authMethod: serviceNowOAuth
      oauthClientID: ADD_YOUR_CLIENT_ID_HERE
    secureJsonData:
      basicAuthPassword: ADD_YOUR_PASSWORD_HERE
      oauthClientSecret: ADD_YOUR_CLIENT_SECRET_HERE
    version: 1
    editable: true
    isDefault: true

Note the use of authMethod: serviceNowOAuth in the jsonData section. This is required when using OAuth authentication.

Backward compatibility

In older versions of the plugin, the authMethod field was not present. Instead, you had to set oauthEnabled: true in the jsonData section, like this

yml
apiVersion: 1
datasources:
  - name: ServiceNow
    ...
    jsonData:
      oauthEnabled: true
      ...
    ...

This configuration is still supported but it is deprecated. It is recommended to use authMethod: serviceNowOAuth instead, since future versions of the plugin may remove support for oauthEnabled.

Query the data source

There are two query methods: Table and Stats.

Table query

Returns data suitable for displaying in a table panel. It allows for an ordered selection of fields to display plus filtering options. The query editor also provides a field to limit the number of rows returned by a query.

query editor table - query

Example table panel showing results from query above:

query editor table - example

Show

The Show row provides a selector for a field to be displayed. Multiple fields can be also be specified. The fields will be returned in the exact order specified.

Display Values

The Display Values flag will cause the query to return human-friendly values, or “Display Values”, instead of numeric values. There are three different options available

OptionDescription
AllPreferred way. This mode is for displaying human friendly display values. Also integer fields will be rendered as numbers and Choice fields will be displayed with human friendly labels.
TrueThis is similar to all mode. But integer fields will be rendered as formatted strings.
FalseWith this mode, all the fields displayed with actual values instead of labels. This may have better performance than other modes. (Note: Choice fields like severity/state will be displayed as integer IDs instead human friendly labels )

For example, a severity of 1 with false flag would only display 1. If the flag is set to true/all, the value displayed will be 1 - High.

According to the ServiceNow API documentation, all and true modes may be slower than false mode. Read more about Display value / sysparm_display_value in ServiceNow Documentation

Filters (general)

The Filters row provides the ability to narrow down the displayed rows based on multiple field and value criteria.

All filters are combined with an AND or an OR operation.

When selecting a custom table, fields are automatically populated from the Service Now API.

Values

Value selection depends on the type of filter selected.

  • Boolean filters have True/False options
  • Text filters will allow typing any value
  • Date filters display the date-picker calendar if choosing a date is required
  • Some operators, such as is anything or Today, do not display an additional field for input.

Sort By

The Sort By row provides the ability to narrow down the displayed rows based on multiple field and value criteria.

All filters are combined with an AND operation. Support for additional operators will be added.

Limit

A row limit can be specified to prevent returning too much data. The default value is 25.

Time Field

The Time Field is what turns your queried data into a time series. Your data being handled as a time series means that values in your selected “time field” that do not fall within your dashboard / panel’s time range will not be displayed.

If this value is not toggled on, a special value “Ignore Time” is provided to allow results “up until now” and also to enable the filters to control what data is displayed.

The Time Field default is Opened At, but it can be changed to any available field that holds a time value.

Stats query

The AggregateAPI will always return metrics, with the following aggregations: avg, min, max, sum. Filtering is also available to narrow queries.

query editor stats

Show

The Show Fields row provides a selector for a field and the metric(s) to be displayed. Multiple fields can be also be specified.

Filters (general)

Aggregate Filters provide the ability to narrow down the displayed metrics based on field and value criteria, similar to the table option.

All filters are combined with an AND operation. Support for additional operators will be added.

Stat filter options are the same as the TableAPI.

Aggregation

There are four types of metric aggregations, plus a “count”:

  • Average
  • Minimum
  • Maximum
  • Sum
  • Count - this returns the “number” of metrics returned by a query
Group By

This selector provides the ability to split metrics into lesser aggregates. Grouping by “priority” would return the metrics with a “tag” of priority and the unique values separated.

Field References

As of v2.0.0, field references are now supported.

Fields which are references to other tables are collapsed by default:

field reference collapsed

They will then expand to display the fields once they are clicked:

field reference expanded

Field references will only expanded to one level deep e.g. consider the following structure:

Field (Reference) ->
--- Field 1
--- Field 2 (Reference)
    --- Field 4
    --- Field 5
    --- Field 6 (Reference)
        --- Field 7
        --- Field 8 (Reference)
            ...
--- Field 3

Currently, only the first reference can be expanded, leading to the following:

Field (Reference) ->
--- Field 1
--- Field 3

Templates and variables

To add a new ServiceNow query variable, refer to Add a query variable. Use your ServiceNow data source as your data source for the following available queries:

After creating a variable, you can use it in your ServiceNow queries by using Variable syntax. For more information about variables, refer to Templates and variables.

Templating

Instead of hard-coding names in your queries, you can use variables in their place. Variables are shown as dropdown select boxes at the top of the dashboard. These dropdowns make it easy to change the data being displayed on your dashboard.

See the example below in the Query Variable section on how to add a query variable and reference that with a Template value.

Query Variable

If you add a template variable of the type Query, you can write a query that can return items like category names, key names, or key values that are shown as a dropdown select box.

For example, you can have a variable that contains all values for categories by specifying a query like this in the templating variable Query setting.

When choosing the Query setting, a Filter section is displayed, allowing you to choose a Type and Field. Currently, Type is limited to Incidents and Changes. When selecting a type, you are provided with a list of fields applicable to that Type. Once a Type and Field are selected, a preview of values will be displayed at the bottom showing the options available for that Type/Field. Those values will be displayed in a drop down on the Dashboard, which you can use along with Templating to filter data on your Dashboard Panels.

For example, if you add a Variable named category then select Type = Incidents and Field = Category, you will see a list of options for Category. If you then add a Filter to a panel, and select Category Equals ${category}, the panel data will show only data for that Category that is selected from the Dashboard drop down.

Import the Incidents By Category dashboard to see an example.

Using Variables in Queries

There are two syntaxes:

$<varname> Example with a template variable named hostname:

[[varname]] Example with a template variable named hostname:

Annotations

Annotations give you the ability to overlay events on graphs.

The Annotations query supports the same options as the standard query editor.

Transformations

Transformations can be useful when using an aggregation query with group by clauses.

transformations-query-editor

Labels to Fields

Example of using the Labels to fields transformation:

transformations

Import a dashboard for ServiceNow

Follow these instructions for importing a dashboard.

Imported dashboards can be found in Configuration > Data Sources > select your ServiceNow data source > select the Dashboards tab to see available pre-made dashboards.

Note: The pre-made dashboards cannot be moved from the default folder that the ServiceNow plugin imported it to.

Version compatibility

Current version of plugin was tested against Washington DC and Xanadu versions of the ServiceNow. Older versions may be supported, but the plugin was not tested against them.

Breaking changes

Upgrading to V2.0

Existing dashboards should continue working on 2.0. If there are any issues with existing dashboards no longer working, then know that this is not intended and your feedback is valued. Be sure to include copies of your panel JSON or dashboard JSON when submitting a support issue.

Backup your dashboards

It is imperative that you back up your dashboards before upgrading to v2.0. The query schema in v2.0 has changed, and migrations were added to change old queries to new ones as they are changed.

If you encounter any issues and need to downgrade, it is unlikely that your dashboards will continue working after downgrading.

Known limitations

Filters in query editor do not contain fields of reference type.

Learn more

Using an HTTP Proxy

When using an HTTP Proxy, Grafana will need one of the following environment variables set:

  • HTTP_PROXY (or http_proxy)

    • Full path - http://host:port
    • or just: host:port
  • HTTPS_PROXY (or https_proxy):

    • Full path - https://host:port
    • or just: host:port

What if we don’t have the ITSM Roles Plugin and “Use Sys Tables” is enabled?

Administrator access is required to perform the following actions

Option 1: Grant Grafana user admin privileges to allow access to all tables.

Option 2: Create a role and apply ACLs to all tables that need to be accessed by Grafana

Administrator access is required to perform the following actions

  1. The logged in administrator needs to elevate access to security_admin

    1. Click the profile icon on the top right navigation panel. It’s the one with the drop down carrot indicator
    2. From the dropdown click “Elevate Roles”
    3. From the modal that is shown, check the box next to “security_admin”
    4. Click OK
  2. Create a new role with whatever naming convention you’d like

    1. Navigate to the roles section in the left hand navigation System Security => Users and Groups => Roles
    2. Click “New” at the top
    3. Enter a name for the role and a relevant description
    4. Click Submit
  3. Create a new user and attach the role created in step 2

  4. Create Table ACLs for the required tables and fields

    1. Create ACL for the sys_db_object table

      1. In the second search header column “Name”, type sys_db_object and press enter
      2. The filtered result should show “Table”. Click to navigate into the record
      3. On the tab section, choose “Controls”
      4. On the bottom portion of the page, make sure “Access Controls” is the selected tab
      5. Click New to create a new ACL
      6. Change the “Operation” selection to read
      7. In the “Requires Role” section towards the bottom, double click “Insert New Row” and search for the role you created
      8. Click the green check mark after you have selected the role you have created
      9. Click Submit at the bottom to create the ACL then click continue when the modal appears
    2. Create ACLs for specific sys_db_object fields. The following steps will need to be repeated for each of the following fields: Name, Label, Display Name, and Extends table

      1. While still on the table record view for sys_db_object, select the “Columns” tab in the tab group closest to the top of the screen
      2. Locate the field name and select it
      3. In the bottom tab section click “New” in the access controls tab
      4. Change the operation to read
      5. Double click the insert a row text in the bottom “Requires role” table
      6. Search for the role you created and click the green check mark
      7. Click Submit
      8. Make sure that you’ve repeated these steps for all required fields: Name, Label, Display Name, and Extends table
    3. Repeat the steps from 4.1 on Change, Incident and any other non-CMDB tables that you would like to query from Grafana. Do not repeat the steps from 4.2, that step is only required for sys_db_object.

How to provide required access to the grafana user when “Use Sys Tables” is enabled?

Administrator access is required to perform the following actions

Option 1: Perform the following steps to create an user for grafana to connect servicenow

  1. Elevate admin user to security admin to perform the following actions.
  2. Create a Role called grafana_reader_role. This can be anything.
  3. Create a User called grafana_user_1. This can be anything as well.
  4. Assign the below roles to the above user grafana_user_1 or whatever you created in step 3.
    • grafana_reader_role OR whatever you created in step 2.
  5. Create ACL rules which provide following permissions to the above role. To perform the following actions, admin user needed to be elevated to security admin.
    • read access to sys_db_object table
    • read access to sys_db_object.name field
    • read access to sys_db_object.label field
    • read access to sys_db_object.sys_name ( In ACL editor, it will be shown as Table[sys_db_object] => Display Name)
    • read access to sys_db_object.super_class ( In ACL editor, it will be shown as Table[sys_db_object] => Extends Table )
    • read access to sys_dictionary table
    • read access to sys_dictionary.* fields
    • read access to sys_choice table
    • read access to sys_choice.* fields
    • read access to sys_glide_object table
    • read access to sys_glide_object.* fields
  6. Provide read access to incident table. To perform this actions, admin user needed to be elevated to security admin.
  7. Repeat step 6 for the remaining table which the user need to read the data from.

Below steps explains on how to perform the above actions in detail.

  1. The logged in administrator needs to elevate access to security_admin

    1. Click the profile icon on the top right navigation panel. It’s the one with the drop down carrot indicator
    2. From the dropdown click “Elevate Roles”
    3. From the modal that is shown, check the box next to “security_admin”
    4. Click OK
  2. Create a new role with whatever naming convention you’d like

    1. Navigate to the roles section in the left hand navigation System Security => Users and Groups => Roles
    2. Click “New” at the top
    3. Enter a name for the role and a relevant description
    4. Click Submit
  3. Create a new user or modify an existing user with the role you created in step 2

  4. Create Table ACLs for the required tables and fields

    1. Create ACL for the sys_db_object table

      1. In the second search header column “Name”, type sys_db_object and press enter
      2. The filtered result should show “Table”. Click to navigate into the record
      3. On the tab section, choose “Controls”
      4. On the bottom portion of the page, make sure “Access Controls” is the selected tab
      5. Click New to create a new ACL
      6. Change the “Operation” selection to read
      7. In the “Requires Role” section towards the bottom, double click “Insert New Row” and search for the role you created
      8. Click the green check mark after you have selected the role you have created
      9. Click Submit at the bottom to create the ACL then click continue when the modal appears
    2. Create ACLs for specific sys_db_object fields. The following steps will need to be repeated for each of the following fields: Name, Label, Display Name, and Extends table

      1. While still on the table record view for sys_db_object, select the “Columns” tab in the tab group closest to the top of the screen
      2. Locate the field name and select it
      3. In the bottom tab section click “New” in the access controls tab
      4. Change the operation to read
      5. Double click the insert a row text in the bottom “Requires role” table
      6. Search for the role you created and click the green check mark
      7. Click Submit
      8. Make sure that you’ve repeated these steps for all required fields: Name, Label, Display Name, and Extends table
    3. Repeat the steps from 4.1 on Change, Incident and any other non-CMDB tables that you would like to query from Grafana. Do not repeat the steps from 4.2, that step is only required for sys_db_object.

Option 2: Grant Grafana user admin privileges to allow access to all tables. ( STRONGLY NOT RECOMMENDED )

Administrator access is required to perform any of the above options