Adding a ServiceNow CMDB Connector will pull data from the CMDB CI table. The user in the Kenna connector must have access to this table and all the associated fields.
From within the Connector dialog, you will be able to determine if you want assets activated using the value of the Retired field in the CMDB instead of using the Asset Settings provided by Kenna. Note: Scanners will show assets as active until they are no longer found on the network by the scanner. The Retired field is not explicitly tied to the network unless you have policies in place to ensure this. It is recommended to choose a single source of truth to determine asset status (active/inactive). If you choose to have the CMDB Retired field as the source of truth, you should not enable the Asset Settings to avoid assets flipping between active and inactive status.
You may also use the connector to access the Criticality rating in ServiceNow and use that value to determine Asset Priority values in Kenna. See Asset Scoring for additional information on how this will effect asset scores in Kenna. This data is pulled from cmdb_ci_service in the busines_criticality column which has values from 1 (high) to 4(low) by default. If the link between Assets and Business Services is not present, this feature will not be available and no criticality rating will appear in the connector dialog.
Default Data Processing
- Items converted to Kenna Tags:
- Owner field in Kenna is populated by the "managed_by" CMDB field
Default fields used for Asset matching:
- name = hostname
- ip_address = ip address
- mac_address = mac address
- fqdn = fully qualified domain name
- sys_id or customer defined id = External ID (only defined if ServiceNow asset ID is to be pulled in as the overarching ID for Assets. Example source field: sys_id. External ID should be removed from all other connectors to prevent overriding of the value with vulnerability scanner host ids)
Locator field names can be changed via back-end settings if CMDB fields do not match the defaults. It is a good idea to look at how names are being pulled into Kenna from the network scanner before completing this mapping to ensure asset matching. Example:
To ensure asset matching you would want to pull SNOW host_name into Kenna.