Jira Ticketing

Use the Ticketing Integrations to quickly and easily set up a connection between the Sysdig platform and Jira, to inject Sysdig tasks into your existing remediation workflow. Jira integration lets you open Jira tickets within the Sysdig Secure UI and assign them to team members directly. The webhook-based option that was previously used to integrate Jira with Vulnerability Management has been replaced by an API-based method that allows for multiple Jira instances and projects.

This integration works for both Jira Cloud (SaaS) and Jira Data Center (On-Prem).

Configure Jira Ticketing Integration

Prerequisites

  • The API token must be created by the same User you input when creating a new Jira Ticketing Integration.
  • The best practice is to set up the integration with a service account email rather than an individual’s email.

Required Permissions

The Administrator with the Jira API token who is setting up the integration must have the following:

  • Permission to access Jira.
  • Administrator Jira global permissions, or at least:
    • Permissions to create issues in the Jira project associated with Sysdig.
    • Permissions to create attachments in the Jira project associated with issues coming from Sysdig.

If a Jira administrator sets ups the integration, the Sysdig Secure UI will reflect Jira status updates in real time.

If a non-administrator Jira user sets up the integration, changes in Jira may take up to an hour to be reflected in the Secure UI.

The Sysdig user who will create tickets in the UI must have one of the following:

  • Administer Jira global permission
  • Browse Projects permission for the Jira project associated with Sysdig
  • Administer Projects permission for the Jira project associated with Sysdig

Set Up Jira Integration

To set up a ticketing integration with Jira:

  1. Log in to Sysdig Secure as an administrator.

  2. Navigate to Integrations > Ticketing or Settings > Ticketing Integrations.

  3. Select New Integration.

    The Connect Jira Account window appears.

  4. Specify the following:

    • Integration Name: Choose any name for the integration.
    • Atlassian Cloud URL: Your Jira account URL, in the format https://myaccount.atlassian.net. For example, https://sysdig.atlassian.net.
    • Email: The email address of the API token holder, which matches the email used in the Jira Cloud or Data Center account.
    • API Token: The Jira token you have generated. Follow the links in the wizard if you do not have a token.

  5. Click Next and in Customize Project Settings tab specify the following:

    • Project: Select your project from the dropdown.
    • Issue Types: Select Epic and at least one other type. See the note below for more information.
    • Issue Hierarchy: Select the default parent and child ticket in the hierarchy of issue types. For example, select Epic for Parent Ticket and Task for Child Ticket.
    • Teams: Choose between two options.
      • Select Teams: Apply this integration to particular teams, chosen from the drop-down.
      • All Teams: Apply this integration to all teams on your account.
    • Jira Assignee: Optionally, select the default assignee(s).
    • Labels: Optionally, select labels for the tickets.

Jira issue types are hierarchical, and correspond to the following values:

  • Epic: 1
  • Story, Task and Bug: 0
  • Subtasks: -1

When selecting issue types in the wizard, ensure two sequential levels are represented. For example, you can select Epic, Story, and Bug, but not just Task and Bug.

  1. Click Next.

  2. In the Map Statuses tab, map your Jira project’s statuses to the statuses Open, In-Progress, Resolved as desired.

  3. Click Next.

  4. Optionally, assign custom field to the appropriate issue type in the Select Custom Fields tab.

  5. Click Next to save your configuration.

The Jira integration will be listed on the Ticketing Integration page with an Active status.

If you completed setup as a Jira administrator, a webhook named sysdig-jira-integration-webhook is created in your Jira server. This webhook updates Sysdig whenever a change is made to a ticket in the project you integrated.

Do not delete this webhook, as this may lead to slower refresh rates.

Test the Integration

To use the integration, open the Sysdig Secure Home page and check an Vulnerability Management (VM) Remediation recommendations, as described in Remediate with Jira.