• Documentation

Send alerts to Opsgenie

Use webhooks and Jira Automation to send alerts to Opsgenie. About Jira Automation

Who can do this?
Role: Organization admin, Guard Detect admin
Plan: Atlassian Guard Premium

Step 1: Create a new API integration in Opsgenie

In Opsgenie you can create an API integration either in Settings or in a team. In this example we’ll create the integration for a team. How to create an API integration in Opsgenie

To create a new API integration in Opsgenie:

  1. In Opsgenie, navigate to your team and select Integrations.

  2. Select Add integration.

  3. Search for the API integration.

  4. Name your integration, for example Atlassian

  5. Alerts, and assign it to a team.

  6. Select Continue.

  7. Make a note of the API key, you’ll need this in a later step.

Opsgenie API integration screen showing API key

Step 2: Create a Jira automation rule

You can create the automation rule as a global rule, or in a Jira project if you’re not a Jira administrator. In this example we’ll create the rule in a project.

To create an automation rule in Jira:

  1. In Jira, navigate to a project.

  2. Go to Project settings > Automation.

  3. Select Create rule.

  4. Search for the Incoming webhook component. You won’t be able to configure the webhook until the next step.

  5. Select Add Component.

  6. Select THEN: Add an action.

  7. Search for the Send web request component.

  8. Enter the web request details, including the Opsgenie API URL and API key. Refer to the table below.

  9. Save your changes to the Send web request component.

  10. From the Turn on rule menu, select Save rule without enabling.

  11. When prompted, give your rule a name and Save.

Jira automation screen showing web request configuration details

Web request details

Use the following information to configure the web request.

Web request URL

https://api.opsgenie.com/v2/alerts

Headers

Add an Authorization header and specify your Opsgenie API key as the value in the format GenieKey abcdefg-a25a-4652-883c-73703b12345

About authentication in Opsgenie

HTTP method

POST

Web request body

Custom data

Custom data

You can include data from the webhook payload in the Opsgenie alert. For example, you could include the alert title, as follows.

1 2 3 { "message":"{{webhookData.alertTitle}}" }

This is a simple example. You can use any of the attributes in the webhook payload and map them to Opsgenie fields.

Step 3: Get the automation webhook URL

To get the webhook URL:

  1. In Jira, go back to your automation rule and select the Incoming webhook trigger.

  2. Copy the Webhook URL and Secret. You’ll need this in the next step.

  3. Select No issues from the webhook when asked how to execute the automation rule.

  4. Save your changes to the Incoming webhook component.

  5. Enable the rule whenever you’re ready.

Jira automation screen showing webhook URL

Step 4: Add the webhook URL to Guard Detect

To add the webhook URL:

  1. In Guard Detect, go to Integrations > SIEM webhooks.

  2. Select Add webhook URL.

  3. Paste the Webhook URL you copied from Jira and Save.

  4. Select More actions (…) > Add authorization header.

  5. Paste the Secret you copied from Jira and Save.

SIEM integration showing an example webhook URL and an add webhook button

Step 4: Configure the automation rule to create an issue

  1. In Jira, go back to your automation rule and select THEN: Add an action.

  2. Search for the Send web request component.

  3. Enter the web request details, including the Opsgenie API URL and API key. Refer to the table below.

  4. Save your changes to the Send web request component.

  5. Name your automation rule and select Turn it on.

Step 4: Send a test alert

To send a test alert:

  1. In Guard Detect, go to Integrations > SIEM webhooks.

  2. Select Test next to the webhook for this integration.

If the integration is working you should see a new alert for your Opsgenie team.

Opsgenie Alerts list showing a test alert

What data is sent to your tool?

It’s important to know that once you set up an integration you will be sending alert data to the third party tool of your choosing. We send the alert title, description, and context which can include:

  • The name of the actor and their profile picture

  • The name of the subject, which can be a person or an entity (such as a space, project, or policy)

  • The site URL or page URL where the activity happened.

We respect the visibility settings in the actor’s Atlassian Account profile. If the actor has chosen not to share their profile picture with their Atlassian organization, we respect that setting.

You should make sure that it’s appropriate for this data to be shared with your third party tool before setting up the integration.

Still need help?

The Atlassian Community is here for you.