Overview
The BigPanda for ServiceNow application integrates BigPanda’s event intelligence and incident automation platform directly with ServiceNow, enabling organizations to reduce alert noise, accelerate incident response, and improve service availability by integrating into ITSM for incident management.
BigPanda ingests alerts from monitoring, observability, and cloud platforms, applies enrichment and enrichment, and pushes actionable, context-rich incidents into ServiceNow ITSM. The result is fewer tickets, faster triage, and clearer ownership across complex, distributed environments.
Key Capabilities
Intelligent Incident Creation
-
Automatically create and update ServiceNow incidents from BigPanda alerts
-
Consolidate thousands of related alerts into a single incident
-
Prevent duplicate and redundant incidents
Bi-Directional Synchronization
-
Incident state, assignment, and resolution updates flow between ServiceNow and BigPanda
-
Augments ServiceNow CMDB as a single source of truth for responders and stakeholders
-
Maintains auditability and operational consistency
Contextual Enrichment
-
Populate incidents with enrichment tags that come from information natively available from Discovery and Topology.
-
Reduce time spent gathering information during triage
CMDB-Aware Correlation
-
Leverages ServiceNow CMDB data to enhance correlation accuracy
-
Aligns incidents to business services and infrastructure components mapped by ServiceNow.
-
Supports CSDM-aligned environments
How It Works
-
BigPanda ingests alerts from monitoring and observability tools
-
Alerts are correlated into incidents using BigPanda’s event intelligence engine
-
ServiceNow creates or updates incidents with event context
-
Incident lifecycle updates are synchronized between platforms
All ServiceNow workflows, approvals, SLAs, and reporting continue to operate natively.
Architecture & Security
-
Uses ServiceNow-supported APIs and scoped application patterns
-
Supports enterprise authentication models
Who This Is For
-
Organizations using ServiceNow ITSM
-
Teams looking to reduce MTTR without adding operational complexity
-
Environments transitioning to cloud, microservices, or hybrid infrastructure
Supported Use Cases
-
Major Incident Management
-
NOC and SRE Operations
-
Service Reliability Engineering
-
Cloud and Hybrid Infrastructure Monitoring
-
Business Service Impact Management
Key features
-
Bidirectional updates - A change in either BigPanda or ServiceNow will be updated within the other platform. Updates are polled every 30 seconds by default, resulting in a sync latency under 5 minutes.
-
Definable incident resolution and reopening behavior - Specify if a BigPanda resolution event resolves a ServiceNow incident, and if a BigPanda reopen event will reopen a ServiceNow incident or create a new one. When reopening is enabled, a time window is provided to indicate when a resolved incident is recent enough to reopen.
-
Share detailed data with ServiceNow - BigPanda adds incident details to the incident and provides further enrichments that can be used to customize the record in ServiceNow.
-
Provide customization options - You can share custom data, customize transformation of shared data and implement custom logic within the ServiceNow workflow.
-
Change Correlation – Automatically sync ServiceNow Change Requests with BigPanda to correlate new, updated, or deleted changes with active incidents, helping teams quickly identify whether a change is the likely cause.
-
CMDB Enrichment - Synchronizes your ServiceNow CMDB data into BigPanda, enriching your incoming BigPanda alerts
About
BigPanda delivers agentic automation for ITOps. We enable enterprises to keep the digital world running by transforming manual and reactive human processes into intelligent, autonomous systems that detect, respond, and prevent IT incidents at machine speed. That’s why the world’s most trusted brands rely on BigPanda to improve operational efficiency and deliver exceptional service reliability to their customers.Visit www.bigpanda.io for more information.
Automatically create, update, and resolve ServiceNow incidents from BigPanda alerts. Bidirectional synchronization keeps both systems in sync — resolve in BigPanda and the ServiceNow incident closes, or close in ServiceNow and BigPanda reflects the change. Supports standard incidents, incident tasks, and parent-child incident hierarchies.
Connect multiple BigPanda organizations to a single ServiceNow instance. Each organization maintains independent configuration, credentials, and sync settings. Incidents automatically route to their originating organization while CMDB and Change data can broadcast to all connected organizations.
Map BigPanda alert tags directly to ServiceNow incident fields with full control over which tags populate which fields. Supports reference field resolution (automatically converts group names to sys_ids), choice field validation (prevents invalid values in dropdowns), and configurable array formatting for multi-valued tags.
Create sophisticated data transformation rules without coding. Combine multiple conditions using AND/OR logic, select specific alerts from multi-alert incidents, and copy fields with automatic type conversion. Complete audit trail tracks every rule execution for debugging and compliance. Dry-run mode enables safe testing before production deployment.
Synchronize ServiceNow CMDB data to BigPanda for enhanced alert correlation. Configure which tables and columns to export, with support for both full baseline syncs and incremental delta updates. CMDB Enrichment v2.1 uses mapping schemas for efficient delta-only transmission, reducing API calls and improving sync performance.
Send Change Requests, Change Tasks, and Maintenance Windows to BigPanda for root cause correlation. When incidents occur during a change window, BigPanda can automatically correlate the alert with the change, accelerating root cause identification. Supports affected CI mapping and configurable state filtering.
All configuration is stored in a versioned database table with instant rollback capability. Every change is automatically versioned with user attribution and timestamps. Roll back to any previous configuration with a single click. All credentials are encrypted using ServiceNow Password2 encryption.
Area-based logging with per-component toggles (alerts, incidents, transforms, CMDB, changes, maintenance) and adjustable severity levels (ERROR, WARN, INFO, DEBUG). Enable verbose logging for specific components during troubleshooting without flooding logs from other areas. Changes take effect immediately without restart.
Batch processing with intelligent caching delivers consistent sub-second performance regardless of alert volume. Reference field lookups, configuration values, and metadata queries are cached at the request level. Database operations use indexed queries with explicit limits to prevent runaway queries.
Full ACL enforcement via GlideRecordSecure throughout the application. Role-based access control with dedicated admin, config admin, and user roles. All API credentials encrypted at rest. ServiceNow Store certified with comprehensive security review. Privacy policy module supports GDPR and CCPA compliance requirements.
Post-install fix scripts automatically configure the integration with optimized defaults for all settings. Upgrades detect and add new configuration keys while preserving all existing customer settings. Legacy system property configurations are automatically migrated. All scripts are idempotent and safe to re-run.
Forward integration error logs to BigPanda events for centralized monitoring. Each error generates a unique alert per component and function, enabling precise identification of issues. Supports dedicated OIM API key with region-aware endpoint detection.