Ansible for Falcon LogScale
Log and analyze Ansible playbook data in Falcon LogScale
A better way to manage notifications with CrowdStrike and ServiceNow
Customers can build automated workflows using CrowdStrike Falcon® Fusion to trigger incident ticket creation in ServiceNow ITSM. Security and DevSecOps teams can leverage detections and incidents from the Falcon platform to help streamline incident management and accelerate response capabilities. You can also orchestrate remediation of vulnerabilities by creating ServiceNow tickets directly from Spotlight, and easily configure the workflow to attach auto-generated reports, enabling you to track the remediation progress of your security team to improve efficiency and monitoring. This ServiceNow IT Service Management (ITSM) plugin leverages Falcon Fusion, a CrowdStrike Offering Feature, to allow you to receive Falcon-generated alerts via ServiceNow ITSM.
- 01
Configure incident tickets
Configure incident tickets based on triggering events so that your team is alerted to what matters most to your organizations and your workflows.
- 02
Gain additional context
Gain additional context from customized notifications to enable faster investigation, triage, and remediation.
- 03
Create consistent workflows
Create consistent and repeatable automated workflows to accelerate response, improving SOC efficiency.
- 04
Configure consistent attributes
Configure consistent attributes such as the Assigned User, Assigned Group, Category, a Short Description and Attributes from the event to be included in the ticket given the outlined trigger or condition.
- 05
Easily configure workflows
Easily configure Falcon Spotlight workflows to attach auto-generated reports to ServiceNow incident tickets created in Spotlight. Even if you do not have Spotlight access, you can view relevant vulnerability details directly from the ServiceNow ticket.
