Skip to main content

Create JIRA Tickets Through SIEM Alerts

You can configure your notification endpoints to automatically create JIRA tickets based on triggered alerts.

Pre-requisites

  • Make sure that you have the required permissions to create a task in the required JIRA board.

  • Create an API token for your Atlassian account.

  • Convert the API token using the following command:

    echo -n <YOUR-EMAIL>:<YOUR-ATLASSIAN-API-TOKEN> | base64

    Replace <YOUR-EMAIL> with the email for your attlassian account and <YOUR-ATLASSIAN-API-TOKEN> with the API token for your Atlassian account.

Add a JIRA notification endpoint

Navigate to your Logz.io SIEM account > Settings > Notification endpoints.

Select + Add endpoint to open the configuration wizard, and select Custom.

custom endpoint

Next:

  • Name your endpoint and, if required, provide a description of the endpoint

  • Provide the URL to your JIRA board as follows: https://<tenantname>.atlassian.net/rest/api/3/issue. Replace <tenantname> with the name of your JIRA domain stated before .atlassian

  • Select POST from the Method menu

  • Enter the following header into the Headers field: authorization= Basic <API-TOKEN>. Replace <API-TOKEN> with the API token to your Atlassian account

  • Add the following code as the payload:

    {
    "fields": {
    "project": {
    "key": <project board key>
    },
    "summary": "YOUR_SUMMARY",
    "issuetype": {
    "name": <board specific issue type>
    },
    "description": {
    "type": "doc",
    "version": 1,
    "content": [
    {
    "type": "paragraph",
    "content": [
    {
    "type": "text",
    "text": "YOUR_TEXT"
    }
    ]
    }
    ]
    }
    }
    }

    Replace <project board key> with the key of your JIRA project board. Replace <board specific issue type> with the issue type specific to your project board.

Click Add a new endpoint to save.