• Documentation

Create an automation rule

Whether you need to buy your team some time to investigate or have a defined process for responding to alerts, automations may help your security team streamline their workflow and stay on top of alerts.

We leverage Confluence automations to provide automation options for content scanning alerts. How does automation work with Guard Detect?

Who can do this?
Role: Organization admin, Guard Detect admin
Plan: Atlassian Guard Premium and Confluence Premium or Enterprise

Create an automation rule from an alert

You can create automation rules directly from a content scanning alert.

To create an automation rule from an alert:

  1. In Guard Detect, select Alerts from the header.

  2. Navigate to the alert, and select the Automation icon.

  3. Select a template or create a new rule.

  4. Follow the prompts to configure the trigger and actions.

  5. Give your automation rule a name, and enable it when you’re ready.

Create an automation rule from Confluence

You can also create your rules directly in Confluence.

To create an automation rule:

  1. In Confluence, go to space automation or global automation.

  2. Select Create rule.

  3. Search for the Content scanning alert trigger

  4. Follow the prompts to configure the trigger and actions.

  5. Give your automation rule a name, and enable it when you’re ready.

Test your automation

We recommend you test your rule in a single space first before rolling it out across all your Confluence product instances. This will help you identify any unexpected consequences and refine your automation rule.

There are also a few known issues you should be aware of.

Restrict page action replaces existing restrictions

The Restrict page action replaces the existing page restrictions and does not currently support smart values. This means that when you automatically restrict the page, you may be locking the alert actor, page owner, and other contributors out of the page.

As a workaround, you can specify rule initiator in the restrictions, which means the alert actor at least can still access the page.

Smart values may not be available when page is restricted

if rule owner has no access to page (because its restricted) some smart values (that return data about the page itself) might not be available.

Still need help?

The Atlassian Community is here for you.