• Documentation

Send alerts to Jira

Use webhooks and Jira Automation to create Jira issues from alerts. About Jira Automation

Who can do this?
Role: Organization admin, Guard Detect admin
Atlassian Cloud: Atlassian Guard Premium
Atlassian Government Cloud: Not available

Step 1: Create an automation rule

To create an automation rule in Jira:

  1. In Jira, navigate to the project you want to create issues in.

  2. Go to Project settings > Automation.

  3. Select Create rule.

  4. Search for the Incoming webhook component.

  5. Select Add Component. You won’t be able to configure the webhook until the next step.

  6. Select THEN: Add an action.

  7. Search for the Create issue component.

  8. Enter details such as project, Issue type, and summary.

  9. From the Turn on rule menu, select Save rule without enabling.

  10. When prompted, give your rule a name and Save.

Jira automation showing create issue action

You can include data from the webhook payload in a Jira field using the format {{webhookData.<attribute>}}.

For example, you could include the alert title or URL in the issue description to provide quick access to the alert details.

Include the alert title

{{webhookData.alertTitle}}

Include the alert URL

{{webhookData.alertDetailURL}}

Step 2: Get the automation webhook URL

To get the webhook URL:

  1. In Jira, go back to your automation rule and select the Incoming webhook trigger.

  2. Copy the Webhook URL and Secret. You’ll need this in the next step.

  3. Select No issues from the webhook when asked how to execute the automation rule.

  4. Save your changes to the Incoming webhook component.

  5. Enable the rule whenever you’re ready.

Jira automation showing incoming webhook

Step 3: Add the webhook URL to Guard Detect

To add the webhook URL:

  1. In Guard Detect, go to Integrations > SIEM webhooks.

  2. Select Add webhook URL.

  3. Paste the Webhook URL you copied from Jira and Save.

  4. Select More actions (…) > Add authorization header.

  5. Paste the Secret you copied from Jira and Save.

SIEM integration showing an example webhook URL and an add webhook button

Step 4: Send a test alert

To send a test alert:

  1. In Guard Detect, go to Integrations > SIEM webhooks.

  2. Select Test next to the webhook for this integration.

If the integration is working you should see a new issue in your Jira project.

Jira issue showing data from alert

When an alert is generated, it will now create a new issue in your Jira project.

What data is sent to your tool?

It’s important to know that once you set up an integration you will be sending alert data to the third party tool of your choosing. We send the alert title, description, and context which can include:

  • The name of the actor and their profile picture

  • The name of the subject, which can be a person or an entity (such as a space, project, or policy)

  • The site URL or page URL where the activity happened.

We respect the visibility settings in the actor’s Atlassian Account profile. If the actor has chosen not to share their profile picture with their Atlassian organization, we respect that setting.

You should make sure that it’s appropriate for this data to be shared with your third party tool before setting up the integration.

Still need help?

The Atlassian Community is here for you.
Ask the Community
On this pageStep 1: Create an automation rule Step 2: Get the automation webhook URLStep 3: Add the webhook URL to Guard Detect Step 4: Send a test alertWhat data is sent to your tool?
CommunityQuestions, discussions, and articles