JIRA Server (On-prem)

Updated 3 days ago by Elvis Hovor

Introduction

This document provides a details of TruSTAR's JIRA add-on along with a step by step guide to installation, setup and troubleshooting.

Workflow Diagram

Demo Video

Requirements

The add-on is compatible with server version 7.5.x-7.9.x.

Note: The plugin is not compatible with all JIRA server versions 8.0.0 and above.

Installing the add-on requires admin privileges to install. More information available here: https://confluence.atlassian.com/upm/installing-add-ons-273875715.html

Download Files

For JIRA Server instances:

These bundles are required to successfully install the TruSTAR plugin on JIRA server instances. Note: These bundles can only be installed on JIRA Server instances.  

#

Bundle Name

Description

1

JIRA Server

The add-on is compatible with JIRA server version 7.5.x - 7.9.x. To use with JIRA servers 7.10.0 and above please refer to our documentation on JIRA Server On-Prem (Current Version) 

Easy Install - Atlasssian Marketplace

Connect to the Atlassian Marketplace website from the Atlassian application’s administration console.

  1. You can install the TruSTAR add-ons by navigate to the application's administration console and selecting  the Find new add-ons link.
  2. Enter TruSTAR  in the Search the Marketplace box.
  3. Click the Install button for TruSTAR from the Find new add-ons administration page.

This method is the quickest way to install add-ons, however, you can also install by file upload, as described in the next section

Manual Installation

We recommend trying to install the add-on using the Atlassian Marketplace.

  1. Download TruSTAR's JIRA add-on. Please contact support@trustar.co for this file.
  2. From the application's administration console, click the Manage add-ons link.
  3. Click the Upload add-on link at the top right side of the page.  
  4. The upload add-on dialog will appear, enter the location of the JAR or OBR file to upload using the file chooser or by specifying a network location by entering a URL.
  5. Click Upload.
  6. A confirmation message appears when the add-on is successfully installed.

You can now manage the add-on from the user-installed add-on list on the Manage add-ons page.  

Setup & Configuration

Configure the Plugin by selecting the TruSTAR Configuration under manage add-ons section

Follow details below configure the add-on for use.

Configuration Details

  • Fill the configuration details (see Table below for more details).

Input Parameter

Required

Description

Endpoint

Yes

Use https://station.trustar.co This is TruSTAR station URL from where data get collected by executing API calls.

Access Key

Yes

Authentication Key to connect to TruSTAR station. It will be used for making API calls. Available under Settings-> API on TruSTAR Station.

It will be in clear text at the time of initial configuration.

On save of configuration, Access key will get stored in encrypted format. On edit of the access key input, the field will be blank.

Secret

Yes

Secret Key to connect to TruSTAR station. It will be used for making API calls. Available under Settings-> API on TruSTAR Station.

It will be in clear text at the time of initial configuration.

On save of configuration, Secret key will get stored in encrypted format. On edit of the secret key input, the field will be blank.

Enclave IDs

Yes

Enclave/s in TruSTAR where you want to submit newly created JIRA cases. Enclave IDs are available in TruSTAR Station under Settings-> Enclave on TruSTAR Station.

Project Keys

Optional

Leave Projects keys field blank if you want all cases created in JIRA to be submitted to TruSTAR.

Alternatively, enter comma separated list of project keys for only the projects you want to be submitted to TruSTAR

Using the Add-on

Submit JIRA Report

Once a case is created in JIRA the TruSTAR integration will trigger Submit Report event to TruSTAR. This case will be submitted as a TruSTAR report to the enclave(s) you have identified in your configuration.

Once the case is submitted into the select enclave(s) in TruSTAR  it returns a deep link in the comments section to the case in TruSTAR station. You can click on this link to take you to the case in TruSTAR.

Correlated Reports

Once a case is successfully submitted to TruSTAR the comments section will show the count of correlated TruSTAR reports for IOCs in that case.

Image below shows correlated report in the case comments. It shows correlated report count found in TruSTAR.

Correlated IOCs

Once a case is successfully submitted to TruSTAR the comments section will show correlated TruSTAR IOCs.

Below image shows correlated indicator work note details shown in security incident. It shows correlated indicators with deep link to TruSTAR Station.

Updating with New TruSTAR IOCs

The TruSTAR platform is constantly updated with new IOCs, which could provide enrichment for an existing JIRA case. This integration updates correlated indicators found in TruSTAR in Associated Indicators tab for a created incident.

Also anytime a ticket is updated the it is updated inside the enclave in TruSTAR and a updated list of the number of correlated reports and correlated indicators is added to the comments section.

Known Limitations

Depending on the JIRA server and versions there are known instances when it takes about 10 seconds to add TruSTAR correlation details on a newly created ticket in JIRA.

Please reach out to support@trustar.co for any additional questions.

Troubleshooting & FAQ's

Q: Where do i find logs related to the TruSTAR add-on ?

A: Logs can be found at <JIRA_HOME_DIR>/atlassian-jira.log (Considering the jira administrator hasnt changed it).

Q: What ports and firewall exceptions are needed for the Integration to work?

A: The TruSTAR integration requires no special port allocations or firewall exceptions to be installed. Users need to follow firewall and port guidelines for installing JIRA server. However, for certain functions the add-on needs access to station.trustar.co over port 443

Q: Do you support JIRA Cloud?

A: We are currently in the process of getting the TruSTAR JIRA add-on certified to work with JIRA Cloud. Please contact support@trustar.co to get further details about the status of JIRA Cloud add-on.


How Did We Do?