Constellation is a global enterprise with thousands of employees and a highly distributed IT environment. The company runs critical infrastructure and business applications across hybrid on-premise and cloud environments, monitored by multiple systems:

• Nagios is used for infrastructure monitoring, providing visibility into servers, network devices, and core infrastructure.

• Microsoft System Center Operations Manager (SCOM) monitors applications and system health across Constellation’s IT estate.

• ServiceNow serves as the central IT Service Management (ITSM) platform, used by the company’s service desk and operations teams to handle incidents, requests, and problem management.

As the environment grew in scale and complexity, the company identified a serious gap: monitoring tools were generating large volumes of alerts, but these were not efficiently or securely making their way into ServiceNow.

• Nagios alerts were being handled manually: service desk agents copied alert details into ServiceNow tickets. This was slow, error-prone, and often caused delays in responding to infrastructure issues.

• SCOM alerts presented an even bigger challenge: they contained sensitive data such as internal system identifiers, configuration details, and potentially confidential information that could not be exposed in ServiceNow without sanitization. As a result, these alerts required manual review and redaction before tickets could be created, leading to long delays, inconsistencies, and compliance risks.

Constellation’s IT leadership recognized that continuing with manual processes was unsustainable. They needed a solution that could:

• Automate the integration of alerts from Nagios and SCOM into ServiceNow.

• Transform and sanitize sensitive data from SCOM before it reached ServiceNow.

• Scale reliably to handle thousands of alerts without performance bottlenecks.

• Provide auditability for compliance teams, ensuring sensitive data was managed correctly.

To achieve this, Constellation selected ZigiOps, ZigiWave’s no-code integration platform.

Scenario1: Streamlining Infrastructure Alerts with Nagios → ServiceNow

The Challenge

Nagios was producing hundreds of infrastructure alerts daily. Without an automated integration, Constellation’s service desk team had to:

• Manually re-enter alert details into ServiceNow to create incidents.

• Double-check data mappings like severity, affected service, and priority.

• Manually update incident status back into Nagios once issues were resolved.

This approach created:

• Delays in incident creation, meaning critical issues sometimes sat in queues for hours before being worked on.

• Errors and inconsistencies in ticket data, since manual input often introduced mistakes.

• Stress on IT staff, who spent significant time on administrative work instead of actual incident resolution.

Vizualization - A linear flow with 3 steps:

1. Nagios Alert (icon: alert bell with “100+ daily”)
   ⬇ Manual step (person typing icon)

2. ServiceNow Incident (ticket card with warning “delays & errors”)
   ⬇ Manual step (person typing icon)

3. Back to Nagios (status updated manually, clock icon for delays)

Footer: “Manual re-entry = delays, errors, staff burnout.”

The ZigiOps Solution

Constellation configured a bi-directional workflow in ZigiOps:

• Source: Nagios Alerts.

• Target: ServiceNow Incidents.

Each new alert in Nagios triggered the creation of a ServiceNow incident, mapped with the correct fields (severity, priority, affected service, team assignment). Status updates flowed both ways -  when a ServiceNow ticket was updated or resolved, the corresponding Nagios alert was updated in real time.

Visualization Suggestion

A 3-block diagram:

• Left Block: Alert Card showing fields like Severity, Priority, Service

• Center Block: ZigiOps box labeled “Bi-directional sync”

• Right Block: Incident Card with the same fields

Arrows:

• Left → Right: New alerts create incidents automatically

• Right → Left: Status & updates synced back in real time

The Results

• Incident creation was instant. As soon as Nagios detected an issue, ServiceNow had a ticket ready for the right team.

• Manual effort was eliminated. The service desk no longer wasted hours re-entering data.

• SLA compliance improved. By removing delays, incidents were acknowledged and resolved within SLA timelines.

• Visibility increased. Both monitoring and ITSM teams worked with the same synchronized data, reducing confusion.

Scenario 2: Securing Application Monitoring Data with SCOM → ServiceNow

The Challenge

Unlike Nagios, SCOM alerts carried sensitive information. These alerts often included:

• Internal server names.

• Configuration details.

• Fields containing confidential business or application data.

For compliance reasons, this data could not be directly injected into ServiceNow. Constellation had been relying on manual review: every alert had to be checked, redacted, and reformatted before creating a ServiceNow incident.

Visualization: Alert example card with sensitive fields highlighted (e.g., server name, config details) and a red “sensitive data” tag.

The consequences were severe:

• Delays of hours or even days in incident creation.

• Inconsistent sanitization, as different staff members applied different levels of scrutiny.

• Compliance risks, since a single oversight could expose sensitive information in ServiceNow.

The ZigiOps Solution

To solve this, Constellation leveraged ZigiOps’ advanced transformation and output capabilities:

File Output Connector

• A new connector was created: new-file-output-1.-remove

• Instead of pushing alerts directly to ServiceNow, SCOM alerts were first routed to this connector.

Workflow with Transformation

• A workflow was set up: SCOM Alerts → File Output Connector.

• Filters were applied to capture only relevant alert collections.

JavaScript expressions were configured to transform the data, removing or masking sensitive fields.

Export and Inspection

• The transformed alerts were exported into .jsonl files in the directory /zigiops/platform/connector-logs/. -remove

• Each alert was written in JSON line format, making it easy for compliance and IT staff to inspect.

• For large data sets, ZigiOps automatically split files into chunks of 10,000 records to avoid overload.

• connector-new-file-_output-1-25-06-16-10:57:14-01.jsonl-remove

• connector-new-file-output-1-25-06-16-10:57:14-02.jsonl-remove

Validation and Production Rollout

• Compliance teams inspected the exported files to confirm sensitive fields were properly removed.

• Once validated, the workflow was updated to send alerts directly from SCOM → ServiceNow, applying the same transformation rules automatically.

Visualization Suggestion (Simplified)

• A 4-step vertical flow with plain icons + short labels:

• SCOM Alert (with red “sensitive data” tag)
  ⬇

• ZigiOps (filter icon) — sensitive fields removed
  ⬇

• Compliance Check (magnifying glass icon)
  ⬇

• Clean Incident (ticket card with green checkmark)

The Results

• Sensitive data sanitized. ServiceNow only received clean, compliant alert data.

• Auditability provided. JSONL files created a complete audit trail for regulatory checks.

• Manual review eliminated. Staff no longer wasted time redacting alert details by hand.

• Scalable and reliable. ZigiOps processed large alert volumes without failure, chunking files automatically.

Visualization: Checklist with 3 green ticks:

• Sensitive data sanitized

• Compliance assured

• Manual review eliminated

Unified Outcome

With ZigiOps, Constellation achieved a unified and secure alert-to-incident pipeline:

• Nagios alerts flowed automatically into ServiceNow as incidents with zero manual intervention.

• SCOM alerts were filtered, transformed, and sanitized before entering ServiceNow, ensuring compliance without slowing down operations.

Together, these workflows delivered:

• Faster incident resolution: Critical issues were in ServiceNow and assigned to the right teams within seconds.

• Improved compliance: Sensitive data from SCOM never left the monitoring environment without sanitization.

• Higher efficiency: Service desk agents and operations teams focused on solving problems, not on data entry.

• Future-proofing: Both workflows were built on the same integration platform, allowing Constellation to extend integrations to other tools as needed.

Visualization Suggestion

A 4-quadrant infographic (grid with 2 rows × 2 columns), each quadrant showing one outcome:

1. Top Left — Faster Incident Resolution

1. Icon: Stopwatch or lightning bolt

2. Label: Incidents created & assigned in seconds

2. Top Right — Improved Compliance

1. Icon: Shield with checkmark

2. Label: Sensitive SCOM data sanitized

3. Bottom Left — Higher Efficiency

1. Icon: Team at desk or gear icon

2. Label: Agents focus on solving, not typing

4. Bottom Right — Future-Proofing

1. Icon: Puzzle piece or layers symbol

2. Label: Extend integrations to new tools

Key Takeaways

Constellation’s dual integrations with ZigiOps highlight how enterprises can:

• Automate routine alert-to-incident processes across multiple monitoring tools.

• Transform and secure sensitive data before it enters ITSM systems.

• Ensure compliance while still delivering operational speed.

• Scale seamlessly to handle thousands of alerts daily without manual bottlenecks.

By addressing both speed (Nagios integration) and security (SCOM integration), ZigiOps enabled Constellation to build a robust, compliant, and efficient IT operations pipeline that aligned technical workflows with business and regulatory priorities.

‍