# Set up Jira to Receive Radiant Outgoing Webhooks This guide will walk you through creating an automation rule in Jira that listens for incoming webhooks from Radiant and creates a corresponding Jira issue (Ticket, Bug, or Incident) with all the relevant alert details. ### Prerequisites Before you begin, ensure you have the following: * [ ] Admin access with permission to create Automation Rules in your Jira project or Global settings. * [ ] The specific Jira project (and its Key, e.g., `SEC`, `OPS`) where you want the tickets to be created. * [ ] Understanding of [Radiant Outgoing Webhooks](https://help.radiantsecurity.ai/export-logs/outgoing-webhooks/set-up-outgoing-webhooks). ### Create the incoming webhook trigger in Jira First, you need to generate a secure webhook endpoint in Jira that Radiant can talk to. 1. In Jira, navigate to **Project settings > Automation** (for a specific project) or **System > Global Automation** (to create a rule that works across multiple projects). 2. Click **Create rule** in the top-right corner. 3. Under **Add a trigger**, search for and select **Incoming webhook**.

4. Under **Execute this rule using** select **Issues provided in the webhook HTTP POST body**. 5. Under **Rule details**, select an action for your rule (e.g., Create Incident, Create sub-tasks), as well as any conditions or branches you may want to add.

6. Ensure **Turn on rule** is toggled. Give the rule an identifiable name and configure the necessary edit permissions.

7. You will see a unique **Webhook URL** and a **Secret** key. Copy both of these values and save them temporarily; you will need them for the Radiant configuration.

### Configure the automation rule to create tickets 1. In the rule builder, click **+ Add component.** 2. Select **THEN: Add an action.**

3. Search for and select **Create issue.** 4. Choose the target project and type (e.g., Task, Incident, Bug). 5. Map the data sent by Radiant to your Jira fields using **Smart Values**. ### Recommended field mappings Copy and paste the following Smart Values into your Jira fields to populate them with Radiant data: **Summary** ```css Radiant Security Alert: {{webhookData.rs_alertNumber}} - {{webhookData.rs_webhookTriggerType}} ``` **Description** ```css h3. Alert Details * *Alert Number:* {{webhookData.rs_alertNumber}} * *Trigger Type:* {{webhookData.rs_webhookTriggerType}} * *Time:* {{webhookData.rs_webhookTriggerTimestamp}} * *Link to Radiant Alert:* [View Analysis|{{webhookData.rs_alertUrl}}] h3. Summary {{webhookData.rs_alertBrief.summary}} *Intent:* {{webhookData.rs_alertBrief.intent}} h3. Raw Payload {{webhookData}} ``` **Labels:** e.g. `radiant`, `soc-automation`, `auto-ticket` #### Optional: Map "Priority" You can also map the Jira Priority field based on the Radiant `rs_webhookTriggerType`. 1. In the rule builder, click **+ Add component** (after the "Create issue" step). 2. Select **IF: Add a condition.**

3. Under **Add a condition**, select **{{smart values}} condition.** 4. Configure the Condition: * **First value**: Paste `{{webhookData.rs_webhookTriggerType}}` * **Condition**: Select `contains` * **Second value**: Enter `Malicious` 5. Click **Next.** 6. Now, inside this new **If block**, click **+ Add component** > **THEN: Add an action.** 7. Select **Edit issue.** 8. Check the **Priority** field and set it to **High** (or your preferred Critical status). 9. Click **Next.** {% hint style="info" %} **How this works:** The rule will first create the ticket with the standard description. Then, it checks if the alert is "Malicious"; if true, it immediately updates that same ticket to "High Priority." {% endhint %} ### Configure a Radiant outgoing webhook To configure the webhook, please refer to the [Set up Outgoing Webhooks](https://help.radiantsecurity.ai/export-logs/outgoing-webhooks/set-up-outgoing-webhooks) guide. {% hint style="danger" %} **Important note:** When configuring the Jira webhook in Radiant, the **Header Name** *must be exactly***:**\ \&#xNAN;**`X-Automation-Webhook-Token`** This is the header Jira Automation expects for authenticating incoming webhook requests.\ Using anything else (e.g., `Authorization`, `X-Radiant-Token`, etc.) will cause Jira to reject or ignore the webhook. {% endhint %}