Help Document

Ticketing Tool Integration

With Log360 Cloud, you can efficiently manage security incidents by raising tickets for alerts that are generated. You can easily manage the incident within the Log360 Cloud console or use an external help desk software for raising tickets. Popular ticketing tools such as ManageEngine ServiceDesk Plus, ManageEngine AlarmsOne, ServiceNow, Zendesk, Jira Cloud, Freshservice and Kayako are supported by Log360 Cloud.

Manage Ticketing Tool Configuration

To configure incident management with an external ticketing tool, follow the steps given below:

  • Under the Alerts tab, click on the icon and choose Ticketing Tool Integration.
  • ticketing-tool-Integration

  • In the window that appears, select the desired ticketing tool from the available options in the Ticketing Tool field.
  • The steps to configure the different ticketing tools are explained below. Please follow the steps of the ticketing tool that you are using.

For ManageEngine ServiceDesk Plus:

Note: Only users with permissions to view, add, edit, and delete requests can proceed with the configuration.

  1. Choose ManageEngine ServiceDesk Plus in the Ticketing Tool field. Choose the Data Center from the options available in the drop-down list. Click on the API Registration URL, to generate the Client ID and Client Secret ID.
  2. ticketing-tool-Integration

  3. Once the Zoho API Console is opened, click on GET STARTED.
  4. ticketing-tool-Integration

  5. Select the Server-based Applications tile.
  6. ticketing-tool-Integration

  7. To create a new client, enter the required details. Enter the redirect URL as given in the Log360 Cloud console and click Create.
  8. ticketing-tool-Integration

    ticketing-tool-Integration

  9. Copy the generated Client ID and Client Secret ID.
  10. ticketing-tool-Integration

  11. Back in the Log360 Cloud console, paste the Client ID and Client Secret ID in the required fields.
  12. ticketing-tool-Integration

  13. Enter the Subject and the Message for the alert. You can select them from a predefined list available under Macros or type your own. Click the Test and Save button. On clicking the Test and Save button, a verify popup will be displayed. Click on the URL to approve the usage of the clients of ServiceDesk Plus.
  14. ticketing-tool-Integration

  15. Click Accept for API approval.
  16. ticketing-tool-Integration

  17. Click the Verify button in Log360 Cloud console.. The ticketing tool will now be configured successfully.

For ManageEngine AlarmsOne

Note: Only users with the super admin or the alarm admin role can proceed with the configuration.

In Log360 Cloud, navigate to the Alerts tab and click Ticketing Tool Integration under Alert Configuration. From the Ticketing Tool drop-down list, select ManageEngine AlarmsOne.

  1. Open ManageEngine AlarmsOne and click the Applications icon, then click Applications(+) button in the left panel. From the list displayed, select Custom API Integration.
  2. Enter an Application Label and Application Name. If a notification profile is already configured, select it. Click Add. You can also associate a notification profile later.
  3. A Webhook URL specific to your custom app is generated.
  4. Click API Registration URL in Log360 Cloud, to generate a Client ID and Client Secret ID.
  5. ticketing-tool-Integration

  6. Once the Zoho API Console is opened, click GET STARTED.
  7. ticketing-tool-Integration

  8. Select the Server-based Applications tile.
  9. ticketing-tool-Integration

  10. To create a new client, enter the required details. Enter the redirect URL as given in the Log360 Cloud console and click Create.
  11. ticketing-tool-Integration

    ticketing-tool-Integration

  12. Copy the generated Client ID and Client Secret ID.
  13. ticketing-tool-Integration

  14. Back in the Log360 Cloud console, paste the Webhooks URL, Client ID, and Client Secret ID in the required fields.
  15. ticketing-tool-Integration

  16. Enter the Subject and the Message for the alert. You can select them from the predefined list available under Macros or type your own. Click the Test and Save button. On clicking the Test and Save button, a verify popup will be displayed. Click the URL to approve the usage of the clients of ManageEngine AlarmsOne.
  17. ticketing-tool-Integration

  18. Click Accept for API approval.
  19. ticketing-tool-Integration

  20. Click Verify button in Log360 Cloud. The ticketing tool will now be configured successfully.

For ServiceNow:

Note: Only users who have been granted permissions to execute create, read, write, and delete operations on the incident table can proceed with the configuration.

In Log360 Cloud, navigate to the Alerts tab and click Ticketing Tool Integration under Alert Configuration. From the Ticketing Tool drop-down list, select ServiceNow.

ticketing-tool-Integration

  1. Enter the ServiceNow Sub Domain name or IP address.
  2. Enter the Login Name and Password of a valid account in the ticketing tool.
  3. Enter the Short Description and the Description for the alert. You can select them from a predefined list available under Macros or type your own descriptions.
  4. Click the Test and Save button to establish communication and complete the configuration.

For Zendesk:

To configure Log360 Cloud with Zendesk, you will need to retrieve some information from your Zendesk ticketing tool.

Note: Only users with Admin/Agent privilege can proceed with the configuration.

Configuring Zendesk with OneAuth authentication:

To configure Log360 Cloud with Zendesk, you will need to retrieve some information from your Zendesk ticketing tool:

  1. After logging into your Zendesk account, click the tray icon in the top bar and click Admin Center.
  2. In Admin Center, click Apps and integrations in the sidebar > select APIs > Zendesk API > OAuth Clients.
  3. Click the icon to create a new OAuth Client.
  4. Enter the client name, description, and name of the company. Select a logo.
  5. The value that appears corresponding to Unique Identifier needs to be saved in a separate document. This would be needed while configuring Zendesk in Log360 Cloud.
  6. Once you click Save, a secret code will appear above the Save button. Click Copy and save it in a separate document. This would also be needed while configuring Zendesk in Log360 Cloud.
  7. Click Close and open Log360 Cloud to complete the configuration process.

Configuring Zendesk with Basic API authentication:

  1. Click the Admin icon in the sidebar, then select Channels → API.
  2. Click the Settings tab, and make sure Token Access is enabled.
  3. Click the button to the right of Active API Tokens.
  4. Optionally, enter a description under API Token Description. The token is generated, and displayed.
  5. Copy the token, and paste it somewhere secure. Once you close this window, the full token will never be displayed again.
  6. Click Save to return to the API page. A truncated version of the token is displayed.

Configuration in Log360 Cloud for Zendesk integration

In Log360 Cloud, navigate to the Alerts tab and click Ticketing Tool Integration under Alert Configuration. From the Ticketing Tool drop-down list, select Zendesk.

  1. Enter the Zendesk subdomain name in the given field.
  2. Under Authentication, you can choose either OneAuth or Basic API.
  3. If you choose OneAuth under Authentication, follow the steps given below.

    ticketing-tool-Integration

    • Enter the Login Name and Password of a valid account in the ticketing tool.
    • Enter the Client ID in the corresponding field. This is the value of the Unique Identifier noted from the ticketing tool.
    • Enter the Client Secret ID in the corresponding field. This is the value of the secret code obtained from the ticketing tool.
  4. If you choose Basic API under Authentication, follow the steps given below:

    ticketing-tool-Integration

    • Provide the Email ID in the given field.
    • Click on Steps to Generate API Key for steps to generate an API key.
    • Follow the given steps to generate the API key. After generation, provide the API key in the corresponding field.
  5. Enter the Subject and the Message for the alert. You can select them from the predefined list available under Macros or provide your own.
  6. Click the Test and Save button to establish communication and complete configuration.

For Jira Service Desk

Note: Only users with permissions to create, delete, and edit issues can proceed with the configuration.
  1. To configure Log360 Cloud with Jira Service Desk, you need to get a few details from your Jira ticketing tool. Go to the Official Jira Cloud Doc to get the API Token.
  2. After logging into your Jira Service Desk account, click the settings icon on the top right corner and select Projects.
  3. In the project list, note down the Key corresponding to the project in which you want your tickets to be raised.
  4. Click the settings icon on the top right corner and select Issues.
  5. Note down the type of issues that the particular project can hold. The issues raised from Log360 Cloud should have the same type for a ticket to be successfully raised in Jira Service Desk.

ticketing-tool-Integration

In Log360 Cloud, navigate to the Alerts tab and click on ticketing tool integration under Alert Configuration. From the Ticketing Tool drop-down list, select Jira Service Desk.

  1. Enter the Jira Service Desk Subdomain.
  2. Enter your Jira Account Email ID.
  3. Enter the API key that we got in the previous step.
  4. Enter the Project ID. This is the Key of the particular project noted from the ticketing tool.
  5. Enter the type of issue. This has to be the same issue type that the project has been configured to hold.
  6. Enter the Summary and the Description for the alert. You can select them from the predefined list available under Macros or type your own.
  7. Click the Test and Save button to establish communication and complete configuration.

For Freshservice

Note: Only users with either of the following privileges can proceed with the configuration:

  • Permissions to create, reply, edit, and delete tickets.
  • Or

  • SD Agent, SD Supervisor, Admin, or Account admin role.

To configure Log360 Cloud with FreshService, you need to first get some details from your FreshService ticketing tool. Go to the official Freshservice Doc to get the API Token.

In Log360 Cloud, navigate to the Alerts tab and click Ticketing Tool Integration under Alert Configuration. From the Ticketing Tool drop-down list, select Freshservice.

ticketing-tool-Integration

  1. Enter the Freshservice Subdomain.
  2. Enter Freshservice account Email ID.
  3. Enter the API key that we got in the previous step.
  4. Enter the Summary and the Description for the alert. You can select them from the predefined list available under Macros or type your own.
  5. Click the Test and Save button to establish communication and complete configuration.

For Kayako:

In Log360 Cloud, navigate to the Alerts tab and click Ticketing Tool Integration under Alert Configuration. From the Ticketing Tool drop-down list, select Kayako.

ticketing-tool-Integration

  1. Enter the Kayako subdomain name.
  2. Enter the Email ID and password of a valid user in the ticketing tool.
  3. Enter the subject and the message for the alert. You can select the subject and message from a predefined list available under Macros or type your own descriptions.
  4. Click the Test and Save button to establish communication and complete configuration.

Ticketing Tool Status

With Log360 Cloud, you can efficiently manage security incidents by raising tickets and assigning them to administrators for alerts that are generated. After successfully configuring the ticketing tool, the ticket details can be viewed in Alerts tab by clicking the specific alert.

ticketing-tool-Integration

After configuring Log360 Cloud with the ticketing software, you can select the alert profiles for which tickets need to be raised.

In the ticketing tool integration page, you will have a list of existing alert profiles. Select the ones for which you want a ticket to be raised. You can search for specific alert profiles using the search box. You can also select all the alert profiles by ticking the Select All check box. If Select All is checked, all the alert profiles added in the future will be automatically selected and tickets will be raised for them as well. Once you have completed selecting the alert profiles, click Update.

Note:To ensure that the ticketing tools used to integrate with Log360 Cloud are compliant to the GDPR's requirements, please check the I agree box and click Proceed.

The pop-up will only be shown when the organization has enabled GDPR in Log360 Cloud.