Configure external connectorsedit

You can send cases to these third-party systems:

  • ServiceNow ITSM
  • ServiceNow SecOps
  • Jira (including Jira Service Desk)
  • IBM Resilient
  • Swimlane

To send cases to external systems, you need the appropriate license, and your role must have the Cases Kibana privilege as a user. For more details, refer to Configure access to cases.

You need to create a connector to send cases, which stores the information required to interact with an external system.

After creating a connector, you can set your cases to automatically close when they are sent to an external system.

Create a connectoredit

  1. Go to CasesEdit external connection.

    add case connector
  2. From the Incident management system list, select Add new connector.
  3. Select the system to send cases to: ServiceNow, Jira, IBM Resilient, or Swimlane.
  4. Enter your required settings.

    Connector name

    Name for the connector.

    URL

    The URL of the external system to which you want to send cases.

    API URL

    (Swimlane only) The URL of the Swimlane instance to which you want to send cases.

    Organization ID

    (IBM Resilient only) Your organization’s IBM Resilient ID number.

    Application ID

    (Swimlane only) The application ID of your Swimlane application. From Swimlane, you can find the application ID by checking your application’s settings or at the end of your application’s URL after you’ve opened it.

    Username

    (ServiceNow only) The username of the ServiceNow account is used to access the ServiceNow instance.

    Password

    (ServiceNow only) The password of the ServiceNow account is used to access the ServiceNow instance.

    Project key

    (Jira only) The key of the Jira project to which you are sending cases.

    Email or Username

    (Jira only) The Jira account username or email.

    API token or Password

    (Jira only) The API token or password is used to authenticate Jira updates.

    API key ID

    (IBM Resilient only) The API key is used to authenticate IBM Resilient updates.

    API key secret

    (IBM Resilient only) The API key secret is used to authenticate IBM Resilient updates.

    API token

    (Swimlane only) The Swimlane API authentication token is used for HTTP Basic authentication. This is the personal access token for your user role.

  5. Choose the connector type (Swimlane only):

    All

    You can choose to set all or no field mappings when creating your new Swimlane connector. However, note that if you don’t set field mappings now, you’ll be prompted to do so if you want to use the connector for a case or a rule. This is because the prompts no longer display once you set up the required mappings.

    Alerts

    Provide an alert ID and rule name.

    Cases

    Provide a case ID, a case name, comments, and a description.

  6. Click Save.

Edit a connectoredit

You can create additional connectors, update existing connectors, and change the connector used to send cases to external systems.

You can also configure which connector is used for each case individually. See Open a new case.

To change the default connector used to send cases to external systems:

  1. Go to CasesEdit external connection.
  2. Select the required connector from the Incident management system list.

To update an existing connector:

  1. Click Update <connector name>.
  2. Update the connector fields as required.

Close sent cases automaticallyedit

To close cases when they are sent to an external system, select Automatically close cases when pushing new incident to external system.