Jira actionedit
Use the jira
action to create issues in Atlassian’s Jira Software.
To create issues you need to configure at least one Jira account in elasticsearch.yml
.
Configuring Jira actionsedit
You configure Jira actions in the actions
array. Action-specific attributes
are specified using the jira
keyword.
The following snippet shows a simple jira action definition:
"actions" : { "create-jira-issue" : { "transform" : { ... }, "throttle_period" : "5m", "jira" : { "account" : "integration-account", "fields" : { "project" : { "key": "PROJ" }, "issuetype" : { "name": "Bug" }, "summary" : "Encountered {{ctx.payload.hits.total.value}} errors in the last 5 minutes", "description" : "Encountered {{ctx.payload.hits.total.value}} errors in the last 5 minutes (facepalm)", "labels" : ["auto"], "priority" : { "name" : "High" } } } } }
Jira action attributesedit
Depending of how Jira projects are configured, the issues can have many different fields and values. Therefore
the jira
action can accept any type of sub fields within its issue
field. These fields will be directly used
when calling Jira’s Create Issue API, allowing
any type of custom fields to be used.
The project.key
(or project.id
), the issuetype.name
(or issuetype.id
) and issue.summary
are
always required to create an issue in Jira.
Name | Required | Description |
---|---|---|
|
no |
The Jira account to use to send the message. |
|
no |
The proxy host to use (only in combination with |
|
no |
The proxy port to use (only in combination with |
|
yes |
The key of the Jira project in which the issue will be created.
It can be replaced by |
|
yes |
A name that identifies the type of the issue. Jira provides default
issue types like |
|
yes |
The summary (or title) of the issue. |
|
no |
The description of the issue. |
|
no |
The labels to apply to the Jira issue. |
|
no |
The priority of the Jira issue. Jira provides default |
|
no |
Name of the user to assign the issue to. |
|
no |
Name of the user identified as the reporter of the issue. Defaults to the user account. |
|
no |
Name of the environment related to the issue. |
|
no |
Custom field XXX of the issue (ex: "customfield_10000": "09/Jun/81") |
Configuring Jira accountsedit
You configure the accounts Watcher can use to communicate with Jira in the
xpack.notification.jira
namespace in elasticsearch.yml
.
Watcher supports Basic Authentication for Jira Software. To configure a Jira account you need to specify (see secure settings):
bin/elasticsearch-keystore add xpack.notification.jira.account.monitoring.secure_url bin/elasticsearch-keystore add xpack.notification.jira.account.monitoring.secure_user bin/elasticsearch-keystore add xpack.notification.jira.account.monitoring.secure_password
Storing sensitive data (url
, user
and password
) in the configuration file or the cluster settings is insecure and has been deprecated. Please use Elasticsearch’s secure keystore method instead.
To avoid credentials that transit in clear text over the network, Watcher will
reject url
settings like http://internal-jira.elastic.co
that are based on
plain text HTTP protocol. This default behavior can be disabled with the explicit
allow_http
setting:
The url
field can also contain a path, that is used to create an issue. By
default this is /rest/api/2/issue
. If you set this as well, make sure that this
path is the full path to the endpoint to create an issue.
xpack.notification.jira: account: monitoring: allow_http: true
It is strongly advised to use Basic Authentication with secured HTTPS protocol only.
You can also specify defaults for the Jira issues:
xpack.notification.jira: account: monitoring: issue_defaults: project: key: proj issuetype: name: Bug summary: "X-Pack Issue" labels: ["auto"]
If you configure multiple Jira accounts, you either need to configure a default
account or specify which account the notification should be sent with in the
jira
action.
xpack.notification.jira: default_account: team1 account: team1: ... team2: ...
Using SSL/TLS with OpenJDKedit
As each distributor is free to choose how to package OpenJDK, it may happen, that even despite the exact same version, an OpenJDK distribution contains different parts under different Linux distributions.
This can lead to issues with any action or input that uses TLS, like the jira
,
pagerduty
, slack
, or webhook
one, because of missing CA certs.
If you encounter TLS errors, when writing watches that connect to TLS endpoints,
you should try to upgrade to the latest available OpenJDK distribution for your
platform and if that does not help, try to upgrade to Oracle JDK.