Azure
AzureSecurityCenter

Azure Security Center PlayBooks with JIRA

 Azure Security Center PlayBooks with JIRA

In this article i want to share how to integrate Azure Security Center PlayBooks with JIRA with custom fields.

Security playbook can help to automate and orchestrate your response to a specific security alert detected by Security Center. Security Playbooks in Security Center are based on Azure Logic Apps, which means you can use the templates that are provided under the security category in Logic Apps templates, you can modify them based on your needs, or you can create new playbooks using Azure Logic Apps workflow, and using Security Center as your trigger.

Source of the above text: https://docs.microsoft.com/en-us/azure/security-center/security-center-playbooks

Let’s get into specifics

Step 1: Generate a New JIRA API Token

Step2 : Create a New JIRA connection use the token while creating a JIRA connection.

Note: When you revoke the token in JIRA don’t forget to update the same here.

Step 3: Create and Action and associate it to JIRA, enter your JIRA specific entries in the below screenshot we are just updating an existing bug with comments.

Step 4: To create a new ticket in JIRA use the Create a new issue action and fill the required values

Step 5: Once you add all the entries go to the Code View and add the below code in the fields section add the additional parameter that you would like to send to JIRA in the below example i am sending components as an additional parameter.

“components”: { “id”: “123456” }

“Create_a_new_issue”: {

“inputs”: {

“body”: {

“fields”: {

“components”: [ { “id”: “123456” } ] }

},

Note: Each JIRA has an ID value associated and use an appropriate id for the fields which are required use POST man to query the API and get the respective values for your JIRA project. Below in the example i am passing component which is a mandatory filed in JIRA for which the standard Azure JIRA playbook does not have editable fields.

For eg : for JIRA components field “test” the id is 13900

Step 6: Run the same in Logic Apps Designer and check for failures/errors.

 

Leave a comment