Configuring Splunk to Open Jira Server Tickets

You can configure Splunk to automatically open a ticket in Jira when a saved search generates an alert.

Prerequisites

Procedure

To automatically create Jira tickets from Splunk alerts, add an action to the alert in Splunk.

  1. From the Alerts page, click Open in Search beside the desired alert.
    Alternatively, run a new search.

  2. Ensure the following condition is included in the search: where isnull(self)
    For example:

    index=* "FATAL" | where isnull(self)

    This condition excludes the new JSD ticket from subsequent searches, ensuring that Splunk opens only one ticket each time the alert is triggered.

  3. Go to Save As > Alert.

  4. At the bottom of the window, click Add Actions, and then select JIRA Service Desk Ticket.

  5. Enter the connection details, and click Save.

    The next time the search generates an alert, it will automatically create a ticket in your JSD instance.

Next Steps

Analyze data and configure reports in Splunk.