Skip to main content

Export Single Vulnerability to ServiceNow - PANW IoT 3rd Party Integration

This Playbook is part of the IoT 3rd Party Integrations by Palo Alto Networks (Deprecated) Pack.#

Supported versions

Supported Cortex XSOAR versions: 6.0.0 and later.

This playbook handles a single incident triggered in the PANW IoT (Zingbox) UI by creating a corresponding incident in Cortex XSOAR, and sends the vulnerability to your ServiceNow. The following incident type is created in Cortex XSOAR:

Vulnerability: PANW IoT 3rd Party ServiceNow Integration - Vulnerability


This playbook uses the following sub-playbooks, integrations, and scripts.


This playbook does not use any sub-playbooks.


  • Palo Alto Networks IoT 3rd Party
  • ServiceNow v2


This playbook does not use any scripts.


  • panw-iot-3rd-party-report-status-to-panw
  • panw-iot-3rd-party-get-single-asset
  • panw-iot-3rd-party-convert-assets-to-external-format
  • servicenow-create-record

Playbook Inputs#

NameDescriptionDefault ValueRequired
assetIDAsset ID. zb_ticketid for vulnerability.Required
assetTypeType of Asset.VulnerabilityRequired
metadata1Example: incident triggered by PANW IoT cloud APIRequired
outputFormatDesired output format.ServiceNowRequired
assetListList of input assets.Required
table_nameThe name of the table in which to create a record.u_zingbox_alerts_vulnerablilty_incidentRequired
fieldsFields and their values to create the record with, in the format: fieldname1=value;fieldname2=value;...Required
statusSends a status message back to PANW IOT cloud.Required
messageMessage to be sent to PANW IoT Cloud.Required
integrationNameName of PANW IoT 3rd Party Integration.servicenowRequired
playbookNameName of the playbook.Export Single Vulnerability to ServiceNow - PANW IoT 3rd Party IntegrationRequired
typeType of asset associated with the status report.vulnerabilityRequired

Playbook Outputs#

There are no outputs for this playbook.