Versions Compared

Version Old Version 72 New Version 73
Changes made by

Daria Lebedeva

Daria Lebedeva

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.
Info

This guide explains how to add a Jira account to Cloudaware and configure actions for Cloudaware to automatically discover Jira issues in the CMDB and/or create issues in Jira based on specified criteria.

...

4. The green light in 'Status' means your Jira account has been successfully added. If there is a red light, please contact support@cloudaware.com

...

...

Add custom fields to Jira

For Cloudaware to associate a Jira issue with a CMDB object, a Jira issue should have two custom fields:

...

Let's review the following use case. A seсurity team wants a Jira issue to be created in a specific project every time when a high risk vulnerability is found by Cloudaware. However, in order to avoid lots of manual work with checking and closing Jira issues, they also need to be notified if a vulnerability has been recognized as fixed. A comment posted to the issue may be a good marker for bulk closing tickets.

Manage

...

permissions and

...

create fields in Jira

1. Grant Cloudaware with user/project: ADD_COMMENTS permission (see Jira documentation).

2. Log in to Cloudaware account Setup Objects.

3. Select an object you want Jira issues to be created for (in this example, CloudAware Vulnerability Scan).

4. Review the section 'Custom Fields & Relationships' to define fields that should be displayed in an issue's description. In our use case we are using the following fields: Priority, Risk, Severity, CVSS Number, Host, Port, Protocol, Description, Disappearance Time.

Note

Use Cloudaware Field Label names when creating fields in your Jira as fields names MUST match.

...

Set up Jira Actions in Cloudaware
Anchor
Jira-Actions
Jira-Actions

Note that you should add your Jira Account to Cloudaware before setting up Jira Actions.

...

3. Select the tab 'Jira Actions'. Click +Add Jira Action.

...

4. Fill in out the integration details:form:

...

WHERE

Name - name for your Jira Notification integration action
Jira IntegrationAccount - select the pre-configured Jira integration account
Project - select your Jira project issues will be created in
Issue Type - select the issue type (managed in your Jira)
Summary - add summary for your Jira issues. In this example, we use sObject.Name to display full CloudAware Vulnerability Scan name
Description - add a description that will be added into Jira issue body
Comment - add a text that will be displayed as a Cloudaware comment

In our use case, we are using use sObject.CA10disappearanceTime__c, where CA10disappearanceTime__c is the API Name of the field showing the date and time when the vulnerability was deleted from the scanner.

...

Field List - determine the fields you'd like to be displayed in a Jira issue and Cloudaware comment.

Note

Use API names for fields. The integration must include all the fields you plan to use in notifications. The order you choose for the fields will be reflected in a Jira issue.

...

5. Click Save.

6. Copy and save the URL as it is required for further configuration in Cloudaware.

...

Configuring Cloudaware Workflows to Create Issues and Post Comments in Jira
Anchor
workflow-to-create-jira-ticket
workflow-to-create-jira-ticket

Once you have configured Jira Action, set up two different workflow rules - for creating a Jira issue (1) and adding a comment (2).

1. Workflow Rule for Jira issue creation:

...

  • Click Save&Next.

  • Add Workflow Action → New Outbound Message:

Object: CloudAware Vulnerability Scan
Name: Jira Notification: New Vulnerability Detected
Endpoint URL: paste the URL copied from the integration's details

  • Select the fields to be displayed as set up in the Integration details:

...

Note that Name is a mandatory field.

  • Click Done. Click Activate to activate your workflow.

2. Workflow Rule for posting a comment in Jira issue:

...

Object: CloudAware Vulnerability Scan
Name: Jira Notification: Vulnerability Fixed
Endpoint URL: paste the URL copied from the integration's details

  • Select the fields to be displayed as set up in the Integration details:

...

  • Click Done. Click Activate to activate your workflow.

Jira issue sample

Cloudaware comment sample

...

Bulk Closing Issues with Cloudaware Comments in Jira

Based on our use case, we can consider all issues with a comment as not requiring further actions since a vulnerability the Jira issue informs of has been fixed.

Follow these steps to configure automatic change of issue status to 'Resolved':

  1. In your Service Desk project select Project settings Automation.

  2. Select Add rule.

  3. Select Custom rule from the list, then select Next.

  4. Give your custom rule a name and a description.

  5. Configure your rule by defining the WHEN, IF, and THEN fields:
    5.1. When comment added
    5.2. If comment contains This vulnerability is fixed and deleted on
    5.3. Then transition issue to status "Resolved"

...

Populating Custom Fields in Jira*
Anchor
Populating-Custom-Fields-In-JIRA
Populating-Custom-Fields-In-JIRA

This option requires having custom fields Object Type, Object Identifier and fields that were created for Jira actions.

Based on our use case, we can consider having all custom field values populated automatically. This will also provide a great visibility in Cloudaware CMDB as each Jira issue will be linked to a CMDB record.

...