Netskope Global Technical Success (GTS)

Monitoring NPA Publishers via ServiceNow using DEM Webhook

Netskope Cloud Version - 129

Objective

This document aims to ensure continuous monitoring of Netskope Publishers by integrating DEM alerts with ServiceNow, allowing operations teams to receive incident notifications and improve response times.

Prerequisites

• Netskope tenant with Admin access
• ServiceNow instance with Admin access

Context

Netskope Digital Experience Management (DEM) provides real-time visibility into the performance and availability of critical infrastructure components, including the Netskope Publisher. Timely detection of issues with the Publisher is essential to ensure uninterrupted access to private applications.

By integrating DEM alerts with ServiceNow, alerts related to Publisher health can be automatically routed to the ITSM platform. This ensures faster visibility for operations teams and helps reduce response time by eliminating the need for manual alert handling.

Steps

1. In your ServiceNow console, search for Scripted REST APIs.
2. Click the New button in the top-right corner to create a new scripted REST API.

3. Enter a value in the Name field. The API ID will be auto-populated , you can leave it as is. Then click Submit.

4. Open the scripted REST API you just created.
5. Navigate to the Resources tab and click the New button to add a new header.

6. Fill in the Name and Relative Path fields for the REST API as required. Set the HTTP Method to POST.

7. Add a script (like the one below) to create an incident in ServiceNow based on the DEM alert received from Netskope. You can customize the script as needed to suit your specific requirements. To ensure that only authorized sources can invoke the ServiceNow Scripted REST API, a custom header-based token validation has been implemented directly within the script. The integration expects a specific header (X-Auth-Token) with a predefined shared token.

8. Since authentication is handled programmatically within the script, the “Requires authentication” option in the Scripted REST API configuration has been intentionally left unchecked. After making this change, click Update to save the configuration.

9. Log in to your Netskope Tenant, then navigate to DEM > Alerts.
10. Click the Alert Configuration button located in the top-right corner, and select Webhook as the delivery method.

11. Configure a custom webhook as shown below. The URL should match the resource path defined in the Scripted REST API section. Additionally, add a custom header with the key X-Auth-Token and the value set to the token specified in the Scripted REST API configuration.

    Example URL:https://<tenant>.service-now.com/api/1558978/netskope_publisher_dem_webhook/receive_alert

12. Enter a valid email address . If the webhook fails, an email notification with the reason for failure will be sent to this address. Click "Send Test Notification" and note that the configuration can only be saved after a successful test notification.

13. Now click on "New Alert Configuration" and configure an alert policy for the Publisher as shown below.

14. Save the Alert rule.

Verification

DEM Alert generated in Netskope:

Incident generated in ServiceNow:

The admin can use the highlighted link to view details about the publisher and understand what condition triggered the DEM alert rule.

Terms and Conditions

• All documented information undergoes testing and verification to ensure accuracy.
• In the future, it is possible that the application's functionality may be altered by the vendor. If any such changes are brought to our attention, we will promptly update the documentation to reflect them.

Notes

• This article is authored by Netskope Global Technical Success (GTS).
• For any further inquiries related to this article, please contact Netskope GTS by submitting a support case with 'Case Type – How To Questions'.