Configure inputs for the Splunk Add-on for Jira Cloud
To configure Jira Audit input for the Splunk Add-on for Jira Cloud:
- In Splunk Web, go to the Splunk Add-on for Jira Cloud, either by clicking the name of this add-on on the left navigation banner or by going to Manage Apps, then clicking Launch App in the row for the Splunk Add-on for Jira Cloud.
- Click the Inputs tab.
- Click Create New Input and select "Jira Audit"
- Fill in the fields:
Field Description API token Select the API token you have created. See Configure credentials for Splunk Add-on for Jira Cloud. Name A name for the new input. UTC Start Time The date and time on or after which returned audit records must have been created. Jira Cloud audit records are limited by retention period as described in <https://support.atlassian.com/jira-cloud-administration/docs/audit-activities-in-jira-applications/#AuditinginJiraapplications-Editauditlogsettings>. Format: YYYY-MM-DDThh:mm:ss This field is optional. If not defined, the initial checkpoint is the first time that the input is run.
Interval How often, in seconds, the Splunk platform calls the API to collect data. Index The index in which the Splunk Platform stores events from Jira Cloud. The default is "Main".
To configure Jira Issues input to fetch Issues from the Jira Cloud instance using Splunk Add-on for Jira Cloud:
- In Splunk Web, go to the Splunk Add-on for Jira Cloud.
- Click the Inputs tab.
- Click Create New Input and select "Jira Issues".
- Fill in the fields:
Field Description API token Select the API token you have created. See Configure credentials for Splunk Add-on for Jira Cloud. Name A name for the new input. Projects After you select API Token, the multi-select list will be populated depending on the projects available in the Jira Cloud instance UTC Start Date UTC Date from which the user wants to start fetching the Jira issues in format YYYY-MM-DD hh:mm. The default start date value is 30 days ago in UTCInterval The input polling interval, in seconds Include jira fields The fields that you want to include in the jira issue response. Provide a comma-separated list of values. For example assignee, reporter, severity. By default, the configured "time field" of the event will always be included in the issue response. If the user provides the value for "Exclude jira fields", then this field will be disabledExclude jira fields The fields that you want to exclude from the jira issue response. Provide a comma-separated list of values. For example assignee, reporter, severity. If the user provides the value for "Include Jira fields", then this field will be disabledTime field This field will be used for making API Calls to fetch Jira issues. Default value: updated. It is recommended not to modify the default value. Please provide a single value here as this is not a multi-value field. Filter parameters You can provide Jira filter here as per JQL syntax, for example, labels="temp" AND summary ~ "temp". It is recommended that the time-related fields should not be included in the filters to avoid data collection discrepancies. Index Index in which you want to collect data
Please do not provide the same information in "exclude jira fields" and "time field" while configuring the input. For example: "Exclude Jira fields - created, priority, description" and "Time field - created". This will obstruct the checkpoint mechanism and data collection
Upon successful execution of the Jira Issues modinput, the add-on will collect Jira issues with all the fields associated with the issues. It will also include the custom fields that might not be important for the user, they can exclude those fields in the "Exclude jira fields" option while configuring the modular input
| Set up Splunk Add-on for Jira Cloud | Configure Alert Actions for the Splunk Add-on for Jira Cloud |
This documentation applies to the following versions of Splunk® Supported Add-ons: released
Download manual
Feedback submitted, thanks!