ProgullRequest a demo
ServiceNow Workflow

The incident lifecycle, native to ServiceNow.

Progull doesn't bolt onto ITSM — it works inside it. Every action against the mainframe is mirrored as a structured ServiceNow update, so your audit, reporting and on-call surfaces don't change.

Stage 1
DETECT
INC0098231

Abend detected on z/OS

Progull's detection agent observes the JES spool and SYSLOG, classifies the abend code and opens INC0098231 in ServiceNow with severity, CI, assignment group and first-line context already populated.

ServiceNow record updateincident_table
short_description
S0C7 — JOB PAYRUN02 STEP0040
category
Mainframe › Batch
cmdb_ci
PROD.LPAR1.JES2
impact
2 — High (Payroll cut-off)
assignment_group
Mainframe Ops L2
Stage 2
ENRICH
INC0098231

Incident enriched with telemetry

The reasoning agent attaches SYSOUT, SYSUDUMP, JCL, DB2 SQLCODE and the last 24h of related change events. A worknote summarizes the explainable diagnosis in plain English for the on-call.

ServiceNow record updateincident_table
worknote
Root cause: packed-decimal overflow in PAYCALC introduced by CR-44021
attachments
SYSOUT.PAYRUN02.txt · SYSUDUMP.PAYRUN02.dmp · STEP0040.JCL
related_change
CHG0044021 — COBOL deploy
evidence_score
0.94
Stage 3
RECOMMEND
INC0098231

Playbook proposed

A policy-approved remediation playbook is proposed: resubmit STEP0040 with PARM='CLEAN' after holding the downstream GL feed. The on-call can approve, edit or override.

ServiceNow record updateincident_table
playbook
PB-MF-014 · Resubmit step (PARM override)
pre_actions
HOLD JOB GLFEED01
post_actions
RELEASE JOB GLFEED01 on RC≤4
approval_mode
Auto (within window 22:00–06:00)
Stage 4
EXECUTE
INC0098231

Remediation executed under guardrails

The remediation agent submits the modified JCL via the approved control path, watches return codes and rolls back automatically if any check fails. Every action is logged as a worknote with timestamp and signature.

ServiceNow record updateincident_table
action_1
SUBMIT PAYRUN02.STEP0040 RC=00
action_2
VERIFY DB2 PAY.OUT row count = 142,408
action_3
RELEASE GLFEED01
sla_state
Met — 02:14 MTTR
Stage 5
CLOSE
INC0098231

Incident auto-closed with audit trail

The closure agent validates recovery, attaches the full reasoning trace and evidence pack, sets resolution code and closes INC0098231. The case becomes a reusable knowledge article for future S0C7 patterns.

ServiceNow record updateincident_table
state
Closed — Resolved
resolution_code
Automated remediation — playbook PB-MF-014
kb_article
KB0011872 (auto-generated, pending SME review)
audit_trail
Full agent reasoning, inputs & actions persisted
What ServiceNow teams get

No new pane of glass. No detours.

Incidents continue to flow through your existing categories, assignment groups and SLAs.

Every agent action becomes a structured worknote — searchable, reportable, exportable.

Closed cases auto-generate KB candidates that your SMEs curate, not author from scratch.

Walk through it live
Integration surface

Plugged into the ServiceNow primitives you already use.

Progull writes against standard ServiceNow tables and APIs — no custom UI shoved into your operator's face, no parallel ticketing system.

incident

Create, enrich, update, close — with full worknote stream and resolution codes.

change_request

Correlate abends to recent CHG records; raise emergency CR when a rollback is needed.

kb_knowledge

Auto-draft KB articles from resolved incidents, queued for SME publishing.

cmdb_ci

Maintain CI relationships for LPARs, JES subsystems, CICS regions and DB2 subsystems.

sn_si.alert

Open Security Incident Response alerts when telemetry indicates a data-exposure pattern.

sys_journal_field

Every agent input and decision lands as a signed worknote with timestamp and operator ID.

task_sla

Honor your SLA definitions, pause/resume rules and breach notifications natively.

flow_designer

Trigger or be triggered by your existing Flow Designer flows — no fork in the road.

Operating modes

Dial autonomy up — one job class at a time.

Progull supports four operating modes per job class, environment and time window. You promote autonomy where it earns its keep.

ModeDetectionDiagnosisRemediationClosure
ShadowAgentAgent (silent)Suggest onlyHuman
RecommendAgentAgentSuggest in worknoteHuman
ApproveAgentAgentExecute on approvalAgent on RC verify
AutonomousAgentAgentExecute under policyAgent
Common questions

What ServiceNow admins ask on day one.