ServiceNow Discovery: Comprehensive Guide for IT Admins

ServiceNow Discovery is a foundational component of the ServiceNow platform, enabling organizations to automatically identify and catalog devices, applications, and services within their IT infrastructure. By populating the Configuration Management Database (CMDB) with accurate and up-to-date information, Discovery provides the visibility necessary for effective IT service management (ITSM) and IT operations management (ITOM).​

‍

What Is ServiceNow Discovery?

‍

ServiceNow Discovery automates the process of identifying IT assets and their relationships within an organization's network. It scans the infrastructure to detect hardware, software, and services, updating the CMDB with this information. This automated approach reduces manual data entry, minimizes errors, and ensures that the CMDB reflects the current state of the IT environment.

​

Why Discovery Matters

• Accurate CMDB: Essential for CMDB health and integrity.
• Automation: Reduces manual effort in data collection.
• Dependency Mapping: Enables service mapping and impact analysis.
• Foundation for ITOM: Critical for IT Operations Management (ITOM) initiatives.

Discovery is the first step in understanding your environment's topology. It provides the intelligence layer needed for service mapping, event management, orchestration, and more. 

‍

Core Concepts of ServiceNow Discovery

‍

Understanding the fundamental components of Discovery is crucial for effective implementation:

• MID Server: A lightweight Java application that facilitates communication between the ServiceNow instance and the organization's network. It executes probes and sensors to collect data from devices.​
• Probes and Sensors: Probes are scripts that gather data from devices, while sensors process the collected data and update the CMDB accordingly.​
• Discovery Patterns: Reusable templates written in the Neebula Discovery Language (NDL) that define sequences of operations for identifying and classifying devices and applications.​
• Horizontal Discovery: Focuses on identifying infrastructure components such as servers and network devices, establishing their presence in the CMDB.​
• Vertical Discovery: Targets the application layer, identifying software components and their interdependencies.
• Discovery Behavior: Configurable logic that determines how Discovery reacts to various environments, enhancing its adaptability and resilience.

Prerequisites for ServiceNow Discovery

‍

Before initiating Discovery, ensure the following prerequisites are met:

• MID Server Installation: Install and validate the MID Server on a host within the network.​
• Network Accessibility: Ensure that required ports (e.g., SSH, WMI, SNMP) are open and accessible.​
• Credential Configuration: Set up appropriate credentials for different device types, such as SSH for Linux/Unix and WMI for Windows.​
• Plugin Activation: Activate the Discovery plugin within the ServiceNow instance.​
• CMDB Health: Verify that the CMDB is in a healthy state to receive and process new data.

ServiceNow recommends reviewing Discovery Properties to tailor scan behaviors, timeout settings, and connection types to your environment.

‍

How ServiceNow Discovery Works (Behind The Scenes)

‍

ServiceNow Discovery operates through a structured sequence of phases, each building upon the previous to accurately identify and catalog IT assets:​

1. Launch Phase: A Discovery schedule is triggered based on defined IP ranges or service mapping requirements.​
2. Scanning Phase: The Shazzam probe initiates a port scan to detect active devices and open ports, determining the communication protocols available.​
3. Classification Phase: Based on the open ports identified, classification probes are dispatched to ascertain the type of device (e.g., Linux server, network switch).
4. Identification Phase: Identification probes collect detailed information about the device, such as hostname, operating system, and hardware specifications.​
5. Exploration Phase: Exploration probes delve deeper to gather comprehensive data, including installed software, running processes, and configuration details.​
6. CMDB Update: Sensor scripts process the collected data and update the CMDB, either by creating new Configuration Items (CIs) or updating existing ones.​

This phased approach ensures a thorough and accurate discovery process, with each step contingent upon the successful completion of the previous.​

‍

Setting Up ServiceNow Discovery: Step-by-Step

‍

Step 1: Install and Validate MID Server

1. Navigate to MID Server > Downloads.
2. Install the appropriate version on a Windows/Linux host.
3. Validate the MID Server:
   
   • MID Server > Servers > Select MID > Validate.

The ServiceNow MID Server download page shows available installer options for both Windows and Linux operating systems, which are used for connecting to enterprise networks.

‍

Step 2: Configure Discovery Credentials

1. Go to Discovery > Credentials.
2. Create entries for:
   
   • SSH (Linux/Unix machines)
   • WMI (Windows machines)
   • SNMP (network devices)

Best Practice: Use Credential Affinity to bind credentials to IP ranges.

The ServiceNow Credentials creation page displays various credential types, such as SSH, CIM, and SNMP, allowing admins to securely configure access for Discovery.

‍

Step 3: Create Discovery Schedules

1. Navigate to Discovery > Discovery Schedules.
2. Click New.
3. Set parameters:
   
   • IP Ranges
   • MID Server selection
   • Discovery type (horizontal/vertical)

The ServiceNow New Discovery Schedule page displays various input fields, including IP ranges, MID Server selection, and discovery type, ready for user configuration.

‍

Step 4: Launch Discovery

• Activate the schedule manually or let it run as per the defined time.
• Monitor progress in Discovery Status, which provides real-time updates on the discovery process.

The ServiceNow New Discovery Status page displays a structured form with multiple input fields, allowing users to monitor and track the status of ongoing discovery processes.

‍

Step 5: Validate Results

• Navigate the Devices tab on the Discovery Status record.
• Validate discovered devices and their CI classes.
• Use CI Class Manager to verify classification accuracy.

The Devices section in the ServiceNow Discovery Status page displays all identified devices, their types, and statuses after a Discovery run, helping admins verify results.

‍

‍

Best Practices for Effective Discovery

• Use Multiple MID Servers: Load balancing and failover.
• Segment IP Ranges Smartly: Avoid scanning everything at once.
• Credential Affinity: Reduces credential validation failures.
• Regularly Update Patterns: Keep patterns up to date with patches.
• Monitor MID Server Health: Regularly check logs and metrics.
• Audit CMDB Updates: Set up CMDB Health Dashboards.
• Use Behavior Rules: Configure conditional logic for dynamic environments.
• Limit Probes Using Filters: Increase efficiency by excluding known static or irrelevant targets.
• Document Customizations: Keep a change log for custom probes and patterns.

Integration with Other ServiceNow Modules

‍

Discovery integrates seamlessly with several other ServiceNow applications:

• Service Mapping: Automatically maps application services using Discovery data to visualize dependencies.
• Event Management: Enhances alert correlation by providing contextual infrastructure data.
• Software Asset Management: Identifies installed software for license tracking and compliance.
• Security Operations: Supplies asset inventory for faster incident prioritization.

Conclusion

‍

ServiceNow Discovery is an essential building block for a successful ServiceNow implementation. It not only feeds accurate data into the CMDB but also empowers other ITSM and ITOM processes by enabling automation, visibility, and control. By following best practices such as using multiple MID Servers, optimizing credentials, segmenting IP ranges, and maintaining healthy patterns, IT administrators can ensure robust and reliable discovery operations.