How do I configure integration between ServiceNow ITSM/ITOM and Dynatrace?

Dynatrace offers an out-of-the-box integration with ServiceNow. Once configured, Dynatrace auto-discovered problems—along with all related real-user and root-cause information—are automatically pushed to your ServiceNow instance. All uncorrelated events related to each Dynatrace-detected problem are sent to the ServiceNow ITOM events table (em_event). Optionally, Dynatrace can also synchronize all auto-discovered applications, services, and hosts with your ServiceNow CMDB database.

Dynatrace ServiceNow integration is a two-way integration that:

  1. Pushes incidents from your Dynatrace environment to your ServiceNow tenant.
  2. Pushes all single events of a detected problem to the ServiceNow ITOM event API
  3. Automatically fills server, service, and application CMDB information from Dynatrace via a scheduled job within your ServiceNow instance.

To connect your Dynatrace monitoring environment with your ServiceNow instance, configuration is required on both the ServiceNow and the Dynatrace side.

Open the ServiceNow application marketplace and install the ServiceNow-certified Dynatrace application (shown below) within your ServiceNow instance. The Dynatrace application is certified for the following ServiceNow releases: Jakarta, Istanbul, Helsinki, and Geneva.

Once you've installed the Dynatrace application within your ServiceNow instance, you’ll find a new Dynatrace menu in ServiceNow with the following entries:

  • Support: Links directly to Dynatrace Support, where you can report any issues related to your Dynatrace ServiceNow integration
  • Dynatrace Settings: Use these settings to configure your Dynatrace integration.
  • Problems: Import set table that shows the number of Dynatrace-detected problems that have been pushed to and imported into your incident table.
  • Events: Import set table that shows all the uncorrelated events that have been pushed by Dynatrace and that have been synchronized with your ITOM event table.
  • Applications and services: A filtered view of your CMDB business service table that shows all the services and applications that have been discovered by Dynatrace.
  • Process groups: A filtered view of your CMDB cluster table that shows all Dynatrace-discovered process group clusters.
  • Hosts: A filtered view of your CMDB servers table that shows all Dynatrace-discovered hosts.
  • CI Mapping: Configuration table that enables you to create mappings between ServiceNow CMDB configuration items and Dynatrace monitored entities. Once mapping has been configured, incoming problems are automatically attached to the affected configuration item.

Configuration within ServiceNow

To complete configuration on the ServiceNow side, copy and paste your Dynatrace environment ID and API key, as shown below. Your Dynatrace environment ID is the first part of your Dynatrace environment URL (i.e., <EnvironmentID>.live.Dynatrace.com).

To create an API key for your Dynatrace environment

  1. Navigate to Dynatrace > Settings > Integration > Dynatrace API.
  2. Click the Generate token button. If you're running a Dynatrace Managed instance, please select the Dynatrace Managed checkbox on the settings page and type your public Security Gateway URL in the text field below. The URL of your public Security Gateway is the entry point that your ServiceNow tenant will use to access your Dynatrace API in order to synchronize the CMDB.

Here is an example of a full public Security Gateway URL. Note that the UID after the /e/ is the environment ID: https://<YOUR_OWN_DOMAIN>:8443/e/caa3369e-8612-46e2-b8c9-4018298cce24/

Configuration within Dynatrace

After installing and configuring Dynatrace integration on the ServiceNow side, switch over to your Dynatrace environment.

Navigate to Dynatrace > Settings > Integration > Problem notifications, click Set up notifications, and select ServiceNow, as shown below.

On the Set up ServiceNow integration page, type a custom name for your new integration (for example, My new ServiceNow Integration). Enter your ServiceNow instance identifier as shown above (for example, dev23082) and enter a ServiceNow user name that has the x_dynat_ruxit.Integration role assigned to it.

Problem-description placeholders

You can customize the short description texts of the problem-notifications that are sent out by defining a text template that includes placeholders that are dynamically populated with relevant problem details, such as problem ID, problem impact, or problem state. By default, the full HTML formatted description of each detected problem and a direct link to the corresponding Problem details page in Dynatrace is attached to each ServiceNow incident in the form of a comment.

  • {State}: Problem state. Possible values are OPEN and RESOLVED.
  • {ProblemID}: ID number of the reported problem.
  • {PID}: A unique system identifier for the reported problem.
  • {ProblemImpact}: Impact level of the problem. Possible values are APPLICATION, SERVICE, and INFRASTRUCTURE.
  • {ProblemTitle}: A short description of the problem.
  • {ImpactedEntity}: Entities impacted by the problem (or the term "multiple" when more than two entities are impacted).
  • {Tags}: Comma-separated list of tags that that have been defined for all impacted entities.

Push incidents and/or ITOM events

By using the toggles for sending incidences and/or ITOM events you can control if Dynatrace should automatically create an incident within the ServiceNow ITSM module and if all correlated single events should be pushed into the ServiceNow ITOM events API.

Automatic incident creation

Once configuration is complete on both the Dynatrace and ServiceNow sides, problem notifications are pushed from Dynatrace to your ServiceNow instance, as shown below:

Dynatrace as ITOM event source

In the case that the ITOM module is enabled within your ServiceNow instance, Dynatrace can also act as ITOM event source. Once you enabled the push of ITOM events within the configuration page, all correlated single events that were detected by Dynatrace are automatically pushed into the ITOM event API. Each host based event has the correct node name and node IP attached as well as important severity information within the additional information field. ServiceNow ITOM users can create event filters and alerting rules to flexibly react on incoming Dynatrace detected events. Each of the events contains the unique Dynatrace identifier (e.g.: HOST-B66B773D12C49189) within the field 'correlation_id'. In case the default ITOM CI mapping is not able to match a CI by its node name, this 'correlation_id' is used to automatically map detected CIs. An example for such a process event is shown within the screenshot below:

By configuring Dynatrace as ITOM event source you can further improve the realtime visibility into your complete IT technology stack.

Your ServiceNow ITOM dashboard will immediately visualize the health state of all your business services, as shown below:

Manual CMDB mapping of detected problems

Dynatrace automatically detects problems within your environment, correlates all related events and affected components that share the same root cause, and presents all problem-analysis data so that they can easily be tracked and analyzed. When Dynatrace pushes a problem to your ServiceNow instance, it may contain multiple affected configuration items.

The CI Mappings table, that you find in the ServiceNow Dynatrace menu, can be used in cases where automatic mapping of your CMDB configuration items with incoming problems is necessary. The CI Mappings table represents a lookup table where Dynatrace component IDs are mapped with your CMDB CIs. If there is a valid mapping between an incoming affected component, and an existing CMDB CI is present, the ServiceNow Dynatrace application attaches the affected CMDB CI to the created incident.

The image below shows you how to map CIs to Dynatrace IDs:

Frequently asked questions

  1. Which ServiceNow tables are filled by the ServiceNow Dynatrace application?

Dynatrace sends all detected problems into the ServiceNow incident table (incident). All single events that are correlated with a Dynatrace-detected problem are sent to the ITOM event table (em_event). The relationship between a CI and a Dynatrace detected problem is sent into the CIs Affected table (task_ci). If enabled, Dynatrace synchronizes all auto-discovered web applications and web services into the CMDB business services table (cmdb_ci_service). All hosts and process groups running on those hosts are synchronized into the CMDB server table (cmdb_ci_server) and CMDB cluster table (cmdb_ci_cluster).

  1. Which scheduled jobs are introduced to pull the CMDB information from Dynatrace?

Dynatrace introduces three scheduled jobs that pull the topology information from Dynatrace Smartscape at 10-minute intervals. The scheduled job Synchronize applications job pulls all web application information, along with their relation to software services. Synchronize hosts job pulls all host and process group information from Dynatrace and Synchronize services job pulls all software services and relationships. The information pull is performed using the official Dynatrace REST API.

  1. Can I change the table or field where Dynatrace pushes the data?

Incidents and events are imported through an import set table. You can reconfigure the default transformation maps Events Transform Map and Problem to Incident Transformation Map to route the information to different tables or different fields.

  1. Can I synchronize additional information, or even metrics?

The Dynatrace ServiceNow application is built entirely on the public Dynatrace API and it uses a subset of this information by default. The best approach here is to use the ServiceNow Dynatrace application as a starting point and to customize information retrieval based on your requirements. It’s even possible to fetch detailed real-time metrics for each of your Dynatrace monitored configuration items using the Dynatrace API.

  1. Does Dynatrace automatically merge existing CIs with Dynatrace discovered CIs?

No, the ServiceNow Dynatrace application creates new configuration items. If you already have the same host within your CMDB, Dynatrace will produce a duplicate CI. ServiceNow offers a standard framework CMDB Identification and Reconciliation that allows you to define rules that can merge CIs based on a given attribute, for example, IP address.

  1. Does Dynatrace integration support multi-tenants?

Pushing incident notifications from multiple Dynatrace environments to one ServiceNow environment is possible.

Synchronization of CIs is only supported for one Dynatrace environment. As Dynatrace integration is completely based on our public Dynatrace REST API, it’s possible to modify this behavior to fetch data from multiple Dynatrace environments.