Jira

enterprise feature this feature is only available with trufflehog enterprise contact us to learn more get your trufflehog results sent to jira the jira notifier will create a new jira issue for each found secret the issue’s summary (title) will include the secret type and source type, and the issue’s reporter will be the user configured to authenticate to jira the issue will be created with no assignee the value configured as the notifier’s issuedescription will be prepended to a text block that contains the secret type and source type, whether the secret was verified, and additional secret metadata you cannot set the summary , description , or reporter fields as custom fields, as they are automatically set by trufflehog itself attempting to do so will cause errors in the scanner trufflehog will never modify issues in any way after they have been created in particular, it will not close or update them when it detects that the associated secret has been rotated the jira notifier supports either basic authentication or token based authentication if possible, please use token based authentication as it is the authentication method recommended by atlassian configuration web configuration you can configure this integration via the web ui through the integrations tab or you can use a local configuration file as outlined below local configuration token based auth notifiers \ connection '@type' type googleapis com/notifiers jira customfield \ name customfield1 type string value string field value \ name customfield2 type number value "42" \ name customfield1 type single select value single select field value endpoint https //trufflesec atlassian net issuedescription found a secret issuetype bug projectkey secrets token pat name create jira tickets type notifier type jira basic auth notifiers \ connection '@type' type googleapis com/notifiers jira basicauth password t0ken username svc trufflehog\@company com customfield \ name customfield1 type string value string field value \ name customfield2 type number value "42" \ name customfield1 type single select value single select field value endpoint https //trufflesec atlassian net issuedescription found a secret issuetype bug projectkey secrets name create jira tickets type notifier type jira options key description required endpoint the endpoint of your jira installation, on prem or cloud yes projectkey the project key to file issues into yes issuetype the type of issue to file (bug or task are common types to use) yes issuedescription a description that shows up before the finding informtation no customfield an array of custom fields to include when creating the issue see the example above no capabilities feature supported file tickets for findings ✅ auto close remediated findings (available as closed beta) ❕ set the leaker as the assignee ❌ assign labels to issues ❌ example here is a screenshot of a created jira issue with trufflehog generated and user configured values highlighted