Skip to content

Jira integration

You can create or update Jira tickets from Sophos Cloud Optix alerts.

In Jira Integration, you configure the link between your Sophos Cloud Optix account and your Jira account so that the two services can interact. To find out more about Sophos Cloud Optix fields and permissions, and how they're used in Jira, see Jira integration permissions.

Note

By default, Sophos Cloud Optix integrates with a single Jira instance.

To integrate with multiple Jira instances, upgrade the Jira integration in your account to Multi-Jira. You can then send alerts from your cloud environments to different Jira instances.

To upgrade, in Jira Integration, click Upgrade to Multi-Jira.

These instructions are for creating Jira integrations for a single Jira instance. To find out how to add Jira integrations after upgrading to use multiple Jira instances, see Multi-Jira setup.

To set up a Jira integration, do as follows:

  1. Click Integrations.
  2. Click Jira.
  3. (Optional) If you select Enable, the integration is turned on when you save the configuration.
  4. Enter your Jira URL, and the username and API token needed to connect to it.
  5. Enter the project key for the Jira project where you want the tickets to be created.

  6. In Alert Levels, do as follows:

    1. Select which Sophos Cloud Optix alerts create Jira tickets.
    2. (Optional) Change the Jira priority set for each alert level in Sophos Cloud Optix.

  7. Select Automatic to create Jira tickets automatically from alerts.

    If you don't select this, alerts in Sophos Cloud Optix include an option to create a Jira ticket manually.

  8. If you select Sync previous alerts, Sophos Cloud Optix creates Jira tickets for your existing alerts after you save the configuration. Tickets are only created for the alert levels you selected in the Alert Levels -> Jira priority field.

    Sync previous alerts also requires Automatic to be turned on.

  9. In Alert Post By, choose how Jira updates tickets:

    • Consolidated: Creates a ticket of type Task with affected resources in Comments or updates the existing ticket for similar alerts or status changes on the Sophos Cloud Optix Alerts page. This is the default setting.
    • Affected Resources: Creates a parent ticket of type Task with the alert's title, then creates individual tickets of type Sub-tasks tickets for each affected resource, adds the alert details, and links it to the parent.

  10. Select Mark as close to close tickets in Jira when an alert is resolved.

    If you don't select Mark as close, the status of the tickets isn't changed.

  11. Enter a Close Transition Name to use in Jira tickets as they're closed.

  12. Select Add Compliance tags as labels to add policy tags as labels in Jira tickets.
  13. We recommend that you click Test configuration before saving your changes.
  14. Click Save.

In your alerts, you now see an option to create a Jira ticket (if you accepted manual ticketing).

If a Jira ticket has been created for an alert, a ticket icon appears Jira ticket icon. in the alert details. You can click the icon to go to the Jira ticket.