Ticketing Tool Integration

With EventLog Analyzer, you can efficiently manage security incidents by raising tickets for generated alerts and assigning them to administrators. You can manage incidents within the EventLog Analyzer console itself or use external help desk software to raise tickets. Under Alert Configuration, click Ticketing Tool Integration to configure an external help desk: ServiceNow, ManageEngine ServiceDesk Plus, ManageEngine ServiceDesk Plus On-Demand, ManageEngine ServiceDesk Plus MSP, ManageEngine AlarmsOne, Jira Service Desk, Jira Service Desk On-Demand, Zendesk, Freshservice, Kayako, or BMC Remedy Service Desk.

Manage Ticketing Tool Configuration

To configure incident management with ticketing tools, click Ticketing Tool Integration under Alert Configuration. From the Ticketing Tool drop-down list, select the ticketing tool that you want to integrate with EventLog Analyzer. Then follow the steps below for the ticketing tool used.

For ManageEngine ServiceDesk Plus On-Demand:

Note: Only users with permissions to view, add, edit, and delete requests can proceed with the configuration.

In EventLog Analyzer, navigate to the Alerts tab and click Ticketing Tool Integration under Alert Configuration. From the Ticketing Tool drop-down list, select ManageEngine ServiceDesk Plus On-Demand.

  1. Choose the Data Center from the drop-down list. Click API Registration URL to generate the Client ID and Client Secret ID.

  2. Once the Zoho API Console is opened, click GET STARTED.

  3. Select the Server-based Applications tile.

  4. To create a new client, enter the required details. Enter the redirect URL as given in the EventLog Analyzer console and click Create.

  5. Copy the generated Client ID and Client Secret ID.

  6. Back in the ELA console, paste the Client ID and Client Secret ID in the corresponding fields.

  7. Enter the Subject and the Message for the alert. You can either select them from the predefined list available under Macros or enter your own. Click the Test and Save button. On clicking the Test and Save button, a verify popup will be displayed. Click the URL to approve the usage of the clients of ServiceDesk Plus On-Demand.

  8. Click Accept for API approval.

  9. Click the Verify button in the ELA console. The ticketing tool will now be configured successfully.

For ManageEngine AlarmsOne

Note: Only users with the super admin or the alarm admin role can proceed with the configuration.

In EventLog Analyzer, navigate to the Alerts tab and click Ticketing Tool Integration under Alert Configuration. From the Ticketing Tool drop-down list, select ManageEngine AlarmsOne.

  1. Open ManageEngine AlarmsOne and click the Applications icon, then click the Applications (+) button in the left panel. From the list displayed, select Custom API Integration.
  2. Enter an Application Label and Application Name. If a notification profile is already configured, select it. Click Add. You can also associate a notification profile later.
  3. A Webhook URL specific to your custom app is generated.
  4. Click API Registration URL in EventLog Analyzer to generate a Client ID and Client Secret ID.

  5. Once the Zoho API Console is opened, click GET STARTED.

  6. Select the Server-based Applications tile.

  7. To create a new client, enter the required details. Enter the redirect URL as given in the EventLog Analyzer console and click Create.

  8. Copy the generated Client ID and Client Secret ID.

  9. Back in the ELA console, paste the Webhook URL, Client ID, and Client Secret ID in the required fields.

  10. Enter the Subject and the Message for the alert. You can select them from the predefined list available under Macros or type your own. Click the Test and Save button. On clicking the Test and Save button, a verify popup will be displayed. Click the URL to approve the usage of the clients of ManageEngine AlarmsOne.

  11. Click Accept for API approval.

  12. Click the Verify button in the ELA console. The ticketing tool will now be configured successfully.

For ServiceNow

Note: Only users who have been granted permissions to execute create, read, write, and delete operations on the incident table can proceed with the configuration.

In EventLog Analyzer, navigate to the Alerts tab and click Ticketing Tool Integration under Alert Configuration. From the Ticketing Tool drop-down list, select ServiceNow.

  1. Enter the ServiceNow subdomain name or IP address.
  2. Enter the login name and password of a valid account in the ticketing tool.
  3. Enter the Short Description and the Description for the alert. You can select them from the predefined list available under Macros or type your own.
  4. Click the Test and Save button to establish communication and complete configuration.

For JIRA Service Desk On-Demand

Note: Only users with permissions to create, delete, and edit issues can proceed with the configuration.

To configure EventLog Analyzer with Jira Service Desk On-Demand, you need to first get some details from your Jira ticketing tool. Go to the Official JIRA Cloud Doc to get the API Token.

  1. After logging into your Jira Service Desk On-Demand account, click the settings icon on the top right corner and select Projects.
  2. In the project list, note down the Key corresponding to the project in which you want your tickets to be raised.
  3. Click the settings icon on the top right corner and select Issues.
  4. Note down the type of issues that the particular project can hold. The issues raised from EventLog Analyzer should have the same type for a ticket to be successfully raised in Jira Service Desk On-Demand.

In EventLog Analyzer, navigate to the Alerts tab and click Ticketing Tool Integration under Alert Configuration. From the Ticketing Tool drop-down list, select Jira Service Desk On-Demand.

  1. Enter the Jira Service Desk On-Demand Subdomain.
  2. Enter your JIRA Account Email ID.
  3. Enter the API key that we got in the previous step.
  4. Enter the Project ID. This is the Key of the particular project noted from the ticketing tool.
  5. Enter the type of issue. This has to be the same issue type that the project has been configured to hold.
  6. Enter the Summary and the Description for the alert. You can select them from the predefined list available under Macros or type your own.
  7. Click the Test and Save button to establish communication and complete configuration.

For Zendesk

Note: Only users with Admin/Agent privilege can proceed with the configuration.

Configuring Zendesk with OneAuth authentication:

To configure EventLog Analyzer with Zendesk, you will need to retrieve some information from your Zendesk ticketing tool:

  1. After logging into your Zendesk account, click the tray icon in the top bar and click Admin Center.
  2. In Admin Center, click Apps and integrations in the sidebar > select APIs > Zendesk API > OAuth Clients.
  3. Click the + icon to create a new OAuth Client.
  4. Enter the client name, description, and name of the company. Select a logo.
  5. The value that appears corresponding to Unique Identifier needs to be saved in a separate document. This would be needed while configuring Zendesk in EventLog Analyzer.
  6. Once you click Save, a secret code will appear above the Save button. Click Copy and save it in a separate document. This would also be needed while configuring Zendesk in EventLog Analyzer.
  7. Click Close and open EventLog Analyzer to complete the configuration process.

Configuring Zendesk with Basic API authentication:

  1. Click the Admin icon in the sidebar, then select Channels → API.
  2. Click the Settings tab, and make sure Token Access is enabled.
  3. Click the + button to the right of Active API Tokens.
  4. Optionally, enter a description under API Token Description. The token is generated and displayed.
  5. Copy the token, and paste it somewhere secure. Once you close this window, the full token will never be displayed again.
  6. Click Save to return to the API page. A truncated version of the token is displayed.

Configuration in EventLog Analyzer for Zendesk integration:

In EventLog Analyzer, navigate to the Alerts tab and click Ticketing Tool Integration under Alert Configuration. From the Ticketing Tool drop-down list, select Zendesk.

  1. Enter the Zendesk subdomain name in the given field.
  2. Under Authentication, you can choose either OneAuth or Basic API.
  3. If you choose OneAuth under Authentication, follow the steps given below.

    • Enter the Login Name and Password of a valid account in the ticketing tool.
    • Enter the Client ID in the corresponding field. This is the value of the Unique Identifier noted from the ticketing tool.
    • Enter the Client Secret ID in the corresponding field. This is the value of the secret code obtained from the ticketing tool.
  4. If you choose Basic API under Authentication, follow the steps given below:

    • Provide the Email ID in the given field.
    • Click on Steps to Generate API Key for steps to generate an API key.
    • Follow the given steps to generate the API key. After generation, provide the API key in the corresponding field.
  5. Enter the Subject and the Message for the alert. You can select them from the predefined list available under Macros or provide your own.
  6. Click the Test and Save button to establish communication and complete configuration.

For Kayako

In EventLog Analyzer, navigate to the Alerts tab and click Ticketing Tool Integration under Alert Configuration. From the Ticketing Tool drop-down list, select Kayako.

  1. Enter the Kayako subdomain name.
  2. Enter the email ID and password of a valid user in the ticketing tool.
  3. Enter the Subject and the Message for the alert. You can select them from a predefined list available under Macros or type your own.
  4. Click the Test and Save button to establish communication and complete configuration.

For FreshService

Note: Only users with either of the following privileges can proceed with the configuration:
  • Permissions to create, reply, edit, and delete tickets, or
  • SD Agent, SD Supervisor, Admin, or Account admin role.

To configure EventLog Analyzer with FreshService, you need to first get some details from your FreshService ticketing tool. Go to the official Freshservice Doc to get the API Token.

In EventLog Analyzer, navigate to the Alerts tab and click Ticketing Tool Integration under Alert Configuration. From the Ticketing Tool drop-down list, select Freshservice.

  1. Enter the Freshservice Subdomain.
  2. Enter the Freshservice account Email ID.
  3. Enter the API key that we got in the previous step.
  4. Enter the Summary and the Description for the alert. You can select them from the predefined list available under Macros or type your own.
  5. Click the Test and Save button to establish communication and complete configuration.

For ManageEngine ServiceDesk Plus

Note: Only users with permissions to view, add, edit, and delete requests can proceed with the configuration.

In EventLog Analyzer, navigate to the Alerts tab and click Ticketing Tool Integration under Alert Configuration. From the Ticketing Tool drop-down list, select ManageEngine ServiceDesk Plus.

  1. Enter the ManageEngine ServiceDesk Plus server name or IP address.
  2. Enter the port number.
  3. Choose the protocol for communication - HTTP/HTTPS.
  4. Enter the Integration Key in the appropriate column. If you do not have an API key, click Steps to Generate API Key for instructions on generating an API key in ServiceDesk Plus.
  5. Enter the Subject and the Message for the alert. You can choose them from a predefined list available under Macros or type your own.
  6. Click the Test and Save button.

For ManageEngine ServiceDesk Plus MSP

Note: Only users with permissions to view, add, edit, and delete requests can proceed with the configuration.

In EventLog Analyzer, navigate to the Alerts tab and click Ticketing Tool Integration under Alert Configuration. From the Ticketing Tool drop-down list, select ManageEngine ServiceDesk Plus MSP.

  1. Enter the ManageEngine ServiceDesk Plus MSP server name or IP address.
  2. Enter the port number.
  3. Choose the protocol for communication - HTTP/HTTPS.
  4. Enter the API key in the appropriate column. If you do not have an API key, click Steps to Generate API Key for instructions on generating an API key in ServiceDesk Plus MSP.
  5. Enter the Subject and the Message for the alert. You can choose them from the predefined list available under Macros or type your own.
  6. Click the Test and Save button.

For JIRA Service Desk

To configure EventLog Analyzer with Jira Service Desk, you would first need to get a few details from your Jira ticketing tool.

  1. After logging into your Jira Service Desk account, click the settings icon on the top right corner and select Projects.
  2. In the project list, note down the Key corresponding to the project in which you want your tickets to be raised.
  3. Navigate to the Issues tab and reenter your username and password when prompted.
  4. Note down the type of issues that the particular project can hold. The issues raised from EventLog Analyzer should have the same type for a ticket to be successfully raised in Jira Service Desk.
  5. Close Jira Service Desk and open EventLog Analyzer to complete the configuration process.

In EventLog Analyzer, navigate to the Alerts tab and click Ticketing Tool Integration under Alert Configuration. From the Ticketing Tool drop-down list, select Jira Service Desk.

  1. Enter the Jira Service Desk server name or IP address.
  2. Enter the port number.
  3. Choose the protocol for communication - HTTP/HTTPS.
  4. Enter the login name and password of the account having admin privileges.
  5. Enter the project ID. This is the Key of the particular project noted from the ticketing tool.
  6. Enter the type of issue. This needs to be the same as the issue type that the project has been configured to hold.
  7. Enter the Summary and the Description for the alert. You can select them from a predefined list available under Macros or type your own.
  8. Click the Test and Save button to establish communication and complete configuration.
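
Both Jira procedures above depend on the Project ID and the issue type matching what the project holds. The following pre-flight check is an added example, not ManageEngine or Atlassian code. It assumes the Jira REST endpoint /rest/api/2/project/{key} with HTTP Basic authentication; the host name and the sample project data are constructed.

```python
import base64
import json
import urllib.parse
import urllib.request

# Constructed sample of a Jira project response (not captured from a real site).
SAMPLE_PROJECT = json.loads("""
{"key": "SEC", "name": "Security Incidents",
 "issueTypes": [{"name": "Incident", "subtask": false},
                {"name": "Service Request", "subtask": false},
                {"name": "Sub-task", "subtask": true}]}
""")

def basic_auth_header(user, secret):
    # Login name + password (server) or account email + API token (On-Demand).
    raw = f"{user}:{secret}".encode("utf-8")
    return "Basic " + base64.b64encode(raw).decode("ascii")

def project_url(base_url, project_key):
    # Assumed endpoint: GET /rest/api/2/project/{key} lists the project's issue types.
    key = urllib.parse.quote(project_key, safe="")
    return f"{base_url.rstrip('/')}/rest/api/2/project/{key}"

def fetch_project(base_url, project_key, user, secret, timeout=10):
    # Live lookup; needs network access to the Jira instance.
    req = urllib.request.Request(project_url(base_url, project_key), headers={
        "Authorization": basic_auth_header(user, secret),
        "Accept": "application/json"})
    with urllib.request.urlopen(req, timeout=timeout) as resp:
        return json.load(resp)

def check_settings(project, project_key, issue_type, base_url):
    """Return a list of problems; an empty list means the values are consistent."""
    problems = []
    if not base_url.lower().startswith("https://"):
        problems.append("protocol is not HTTPS: Basic credentials travel unencrypted")
    if project.get("key") != project_key:
        problems.append(f"project key {project_key!r} does not match {project.get('key')!r}")
    # Sub-task types need a parent issue, so they cannot hold a standalone ticket.
    usable = [t["name"] for t in project.get("issueTypes", []) if not t.get("subtask")]
    if issue_type not in usable:
        problems.append(f"issue type {issue_type!r} not usable; project holds {usable}")
    return problems

if __name__ == "__main__":
    # Offline run against the constructed sample; swap in fetch_project() for a live check.
    for line in check_settings(SAMPLE_PROJECT, "SEC", "Bug", "http://jira.example:8080"):
        print("PROBLEM:", line)
```

The issue type is compared exactly as typed, which is a conservative assumption about how Jira matches type names.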

For BMC Remedy Service Desk

In EventLog Analyzer, navigate to the Alerts tab and click Ticketing Tool Integration under Alert Configuration. From the Ticketing Tool drop-down list, select BMC Remedy Service Desk.

  1. Enter the BMC Remedy Service Desk server name or IP address.
  2. Enter the port number.
  3. Choose the protocol for communication - HTTP/HTTPS.
  4. Enter the login name and password of the account having admin privileges.
  5. Enter the Description for the alert. You can choose it from a predefined list available under Macros or type your own.
  6. Click the Test and Save button to establish communication and complete the configuration.

Ticketing Tool Status

With EventLog Analyzer, you can efficiently manage security incidents by raising tickets for generated alerts and assigning them to administrators. After successfully configuring the ticketing tool, you can view the ticket details in the Alerts tab by clicking the specific alert.

Copyright © 2020, ZOHO Corp. All Rights Reserved.
