Chef Integration

ServiceNow Incident App

The Incident App is responsible for generating incidents in the ServiceNow Incident Management environment for either configuration run or compliance check features in Chef Automate. This helps the user to capture the failures in the automated infrastructure and to improve incident tracking and resolution.

Key feaures of the Incident App

• It provides incident management for infrastructure and compliance automation.
• It provides intelligent data management and event de-duplication.
• It also has compliance-related integrations within ServiceNow.

Since the incident app generates a data stream of compliance events that the user can leverage by using this data for other ServiceNow applications. The user can personalize the Chef Automate compliance data stream by prioritizing the scan results, which helps the user to enhance their risk dashboard with real-time and ranked compliance.

User requirements

• The user should have a unique ServiceNow URL, it is of the following mentioned format: https://ven12345.service-now.com.
• After the integration app requires the x_chef_automate.api role to configure it. The ServiceNow administrator can now enable this for the user.

System Requirements

The system should have an integration App already installed and configured.

Setup

The user can set up automatic incident creation for:

• Chef Infra Client failures
• Chef InSpec scan failures

Chef Infra Client Incidents

Follow the below steps if you want to set up automatic incident reporting for any failed Chef Infra Client runs from the Chef Automate:

• The user needs to confirm the x_chef_automate.api role.
• Go to Settings > Notifications.
• Choose to Create Notifications.
• Enter the following details:
  • Name: Give a unique name to this notification.
  • Webhook Type: it represents the product or the process that is receiving the notification.
  • Failure Type: it is the Chef process for the notification.
  • ServiceNow user: it is the name that the user uses to sign in to ServiceNow.
  • ServiceNow password: it is the password that the user uses to sign in to ServiceNow.
• Click on the Test Connectivity button. If the test is successful, it displays the Notification test connected successfully, or it displays a message along with information about any connection or credentials problems to help the user fix the error.
• Click on Create Notification in order to save this notification.

Properties

There are nine configurable Application Properties in Chef Automate Incident App. The user needs to have either admin or x_chef_incident.admin role in order to change their default values.

In order to change the Incident App properties:

• In ServiceNow, find the Chef Incidents
• Choose Chef Incidents > Properties from the navigation.
• Make the necessary changes in the Chef Incident Properties form.
• Click on Save.

Incident App Properties

x_chef_incident.association

It is used to associate the Chef Infra Client run record with an Incident record. The default for this property is cookbook, other possible value is node. The cookbook is the default value as the number of nodes exceeds the number of cookbooks in any system. By setting the value to cookbook, it creates an incident for cookbook creates a failed cookbook. By setting the value to node, it creates an incident for each failed node.

x_chef_incident.scan_association

It associates a Chef InSpec scan record with an incident record. The default value for this property is profile, other possible value is node. The profile is the default value as the number of nodes exceeds the number of profiles. By setting the value to profile, it creates a Chef Inspec compliance scan incident. By setting the value to node, it creates an incident for each failed node.

x_chef_incident.assigned_to

It assigns a ServiceNow user ID to the incidents. If in case the user is a part of the group, then that particular group will be automatically assigned to the incident. The default value for the x_chef_incident.assigned_to property is set to none.

x_chef_incident.assignment_group

It assigns a group to the incident rather than assigning it to an individual user in the x_chef_incident.assigned_to property. The default value for the x_chef_incident.assignment_group property is blank.

x_chef_incident.impact

It sets an incident impact value. The default value for the x_chef_incident.impact property is 2, other values are 1 and 3.

x_chef_incident_urgency

It sets an incident urgency value. The default value for the x_chef_incident_urgency property is 2, other values are 1 and 3.

x_chef_incident.retention_days

It defines the number of days that are required to retain Chef Infra Client run and Chef InSpec scan reports in ServiceNow. The ServiceNow app can automatically update the records associated with reports whenever they get closed, deleted, or removed. The default value for the x_chef_incident.retention_days property is 30.

x_chef_incident.logging.enabled

The property should be set to Yes if the user wants to enable logging and No if the user wants to disable it. Once the property is enabled, the authorized users can view the logs at Chef Incidents > Logs and System Logs > Application logs. The default value for the x_chef_incident.logging.enabled property is No.

x_chef_incident.logging.verbosity

It sets the amount of information that is visible in logs. The default value for the x_chef_incident.logging.verbosity property is an error, the other possible values are debug, war, and info.

Uninstall

Follow the below steps to uninstall the Chef Automate Incident App:

• Go to System Applications > Applications in ServiceNow.
• Open the Downloads tab and choose the Chef Automate Incident Creation.
• Go to Related Links.
• Click on Uninstall.

ServiceNow Administrator Reference

The user can find the Chef Automate features in the ServiceNow instance by searching Chef in the Filter Navigator.

Integration App

Events

The user needs to go to the Events section by selecting Chef Automate > Events from ServiceNow.

x_chef_automate.chef.process.data
It is triggered when ServiceNow receives nodes data from the terminal or the app.

x_chef_automate.chef.process.installation
It is triggered when the asset import table receives software installation details in order to map in the CMDB server table.

Scripts

Script Actions
The user needs to go to the Script Actions section by selecting Chef Automate > Script Actions from ServiceNow.

• The Asset Process script action processes the events as well as updates the node data into the asset import table.
• The Process Software Instance script action processes the events as well as updates the software installation data in the CMDB server table.

Script Includes
The user can go to the Script Includes section by selecting Chef Automate > Script Includes from ServiceNow.

• AutomateApi
  It calls the Chef Automate API and also checks for the status of the response.
• AutomateApiClient
  It updates the token as well as the password in the Chef Automate Instance.
• BufferToImportUtil
  It is used to update the CPU speed in the Linux Server, CMDB Server, CMDB OSX server, and also CMDB win server.
• JsonUtil
  It updates the JSON objects
• Logger
  It updates the logging status to either enabled or disabled.

Scripted REST API

It aids in establishing a connection between ServiceNow and the Chef Automate application with authentication. The user can go to this section by selecting Chef Automate > Script Rest API from ServiceNow.

Transform Map Scripts

The transformation events occur when an import set table is transformed into a target table.

On Before
Mapping manufacturer, CPU manufacturer, model category, and model by using this script.

On After
The five On After scripts that are required in order to update the values are:

• Update the values: node id, node name, organization, and IP address, and then insert the record into the Chef Automate client run cookbooks, Chef Automate client run recipes and Chef Automate client run lists.
• Update the software, name, and install the CMDB software instance table.
• Update the data in the cmdb_ci_spkg table and the cmdb_software_instable table.
• Either insert or update the data in the cmdb_cli_file_system table.
• Either insert or update the data in the cmdb_ci_network_adapter table.

Incident App roles

The user can associate a single user with more than one role.

Role x_chef_inident.admin

The user can assign the x_chef_incident.admin role to any user other than the System Administrator in order to allow another user to manage the application properties and logs. The System Administrator authorization also has access to the tasks in the Admin role. The Admin grants the user access to the Chef incidents menu, Client, runs menu item, Support menu item, Logs menu item, etc.

Role x_chef_incident.user

This role is for those users who require application access without any administrative rights. The role grants the user access to the Chef incidents menu, Chef InSpec scans menu items, etc.

Role x_chef_incident.api

This role is suitable for users responsible for integrating the Chef Automate data into ServiceNow. It is advised to create a new user specifically for this role. The Chef Automate Incident App requires the API role to set up communication with the Chef Automate.

Frequently Asked Questions

At which port is the ServiceNow instance reachable?

At Port 443 is to reach the ServiceNow instance.

What is the default value for feed_interval in the Chef Automate Setting?

The default value for feed_interval is 4.

How many Application Properties are configurable in Chef Automate Incident App?

There are nine configurable Application Properties in Chef Automate Incident App. 

Conclusion

In this article, we have extensively discussed about Chef-Integration.

After reading about the various Profiles in Chef InSpec, are you not feeling excited to read/explore more articles on Configuration Management? Don't worry; Coding Ninjas has you covered. To learn about what ansible is, what is ansible YAML syntax and how errors are handled in the ansible playbook. 

If you wish to enhance your skills in Data Structures and Algorithms, Competitive Programming, JavaScript, etc., you should check out our Guided path column at Coding Ninjas Studio. We at Coding Ninjas Studio organize many contests in which you can participate. You can also prepare for the contests and test your coding skills by giving the mock test series available. In case you have just started the learning process, and your dream is to crack major tech giants like Amazon, Microsoft, etc., then you should check out the most frequently asked problems and the interview experiences of your seniors that will surely help you in landing a job in your dream company. 

Do upvote if you find the blogs helpful.

Happy Learning!