After removing the Admin Role of the ServiceNow Securlet, there are no new incidents in CloudSOC.
If the Admin role is missing from the ServiceNow account used to activate the Securlet, the Refresh token will fail to refresh after the token expires. This will cause the Securlet unable to fetch new events.
Release : 1.0
The ServiceNow Securlet will be able to fetch new events once the admin role is added back in ServiceNow.