This example demonstrates how to periodically update the status of ServiceNow tickets associated with alerts.
Explanation:
- Trigger: The workflow can be triggered manually, simulating the scheduled execution.
- Step 1: Fetch all alerts with a
ticket_type of servicenow using the Keep provider.
- Action: Iterate over the fetched alerts and update their associated ServiceNow tickets with the latest status.
workflow:
id: servicenow
description: update the ticket status every minute
triggers:
- type: manual
steps:
- name: get-alerts
provider:
type: keep
with:
cel: ticket_type == "servicenow"
actions:
- name: update-ticket
foreach: "{{ steps.get-alerts.results }}"
provider:
type: servicenow
config: "{{ providers.servicenow }}"
with:
ticket_id: "{{ foreach.value.alert_enrichment.enrichments.ticket_id }}"
table_name: "{{ foreach.value.alert_enrichment.enrichments.table_name }}"
fingerprint: "{{ foreach.value.alert_fingerprint }}"
enrich_alert:
- key: ticket_status
value: results.state
