Skip to content

Jira integration

You can create or update Jira tickets from Sophos Cloud Optix alerts.

In Jira Integration, you configure the link between your Sophos Cloud Optix account and your Jira account so that the two services can interact. To find out more about Sophos Cloud Optix fields and permissions, and how they're used in Jira, see Jira integration permissions.


By default, Sophos Cloud Optix integrates with a single Jira instance.

To integrate with multiple Jira instances, upgrade the Jira integration in your account to Multi-Jira. You can then send alerts from your cloud environments to different Jira instances.

To upgrade, in Jira Integration, click Upgrade to Multi-Jira.

These instructions are for creating Jira integrations for a single Jira instance. To find out how to add Jira integrations after upgrading to use multiple Jira instances, see Multi-Jira setup.

To set up a Jira integration, do as follows:

  1. Click Integrations.
  2. Click Jira.
  3. If you click Enable, the integration is turned on when you Save the configuration.
  4. Enter your Jira URL, and the username and API token needed to connect to it.
  5. Enter the Jira project key for the project where you want the tickets to be created.
  6. In Alert Levels:

    1. Select which Sophos Cloud Optix alerts create Jira tickets.
    2. Optionally, change the Jira priority set for each alert level in Sophos Cloud Optix.
  7. Select Automatic to create Jira tickets automatically from alerts.

    If you don't select this, alerts in Sophos Cloud Optix include an option to create a Jira ticket manually.

  8. If you click Sync previous alerts, Sophos Cloud Optix creates Jira tickets for your existing alerts after you Save the configuration. Tickets are only created for the alert levels you selected in Alert Levels -> Jira priority.

    Sync previous alerts also requires Automatic to be turned on.

  9. In Alert Post By, choose how Jira updates tickets.

    • Consolidated: Updates the existing Jira ticket if another resource is affected by the same alert, or if the status changes (as in the Sophos Cloud Optix alerts page). This is the default.
    • Affected Resources: Creates a parent Jira ticket containing only the title of the alert. Then creates a separate Jira sub-task for each resource affected by the alert, puts the alert details in it, and links it to the parent.
  10. Click Mark as close to close tickets in Jira when an alert is resolved.

    If you don't select Mark as close the status of the tickets isn't changed.

  11. Enter a Close transition name to use in Jira tickets as they're closed.

  12. Select Add Compliance tags as labels to add policy tags as labels in Jira tickets.
  13. We recommend that you click Test configuration before saving your changes.
  14. Click Save.

In your alerts, you now see an option to create a Jira ticket (if you accepted manual ticketing).

If a Jira ticket has been created for an alert, a ticket icon appears Jira ticket icon. in the alert details. You can click the icon to go to the Jira ticket.