After the AlienApp for Jira is configured and users execute the supported actions directly or through an orchestration rule, you can easily view a list of the Jira issues created by USM Anywhere and look at the events Any traffic or data exchange detected by AT&T Cybersecurity products through a sensor, or through external devices such as a firewall., alarms Any traffic or data exchange detected by AT&T Cybersecurity products through a sensor, or through external devices such as a firewall., and vulnerabilities A known issue or weakness in a system, procedure, internal control, software package, or hardware that could be used to compromise security. related to the executed actions.
Viewing Jira Issues Created by USM Anywhere
The Issues list includes all issues created by an action applied directly to an alarm, event, or vulnerability, as well as any from actions that were triggered by an orchestration rule. From this list, you can open the issue in your cloud-based Jira instance to view additional information about the issue or make updates to the issue, such as assigning the item to a team member or changing the priority.
To access the Jira issues
- In USM Anywhere, go to Data Sources > AlienApps.
- Click the Available Apps tab.
- Search for the AlienApp, and then click the tile.
Click the Issues tab.
The displayed list includes all Jira issues generated by USM Anywhere, with the most recently opened issues at the top. Here you can view the status and assignment for the issue as reported by your Jira instance.
Click View to open the incident in the Jira user interface (UI).
In Jira, you can assign the issue, change its status, or perform any of the functions supported in the Jira project.
Filtering the Labeled Alarms and Vulnerabilities
USM Anywhere uses labels as a mechanism to classify alarms and vulnerabilities. These labels make it easy to filter items by label so that you can locate them easily and track their status. When the AlienApp for Jira executes a response action for an alarm or vulnerability, it automatically applies the Jira label to it. You can use this label as a filter so that a page displays data for only those items related to an AlienApp for Jira response action.
To view Jira action alarms or vulnerabilities
- Open the Alarms page or Vulnerabilities page.
If the Search & Filters panel is not displayed, click the icon to expand it.
USM Anywhere includes several filters displayed by default.
Locate the Labels filter and select Jira.
If the Labels filter is not displayed, click Configure Filters at the bottom of the Search & Filters pane to configure filters for the page. See Managing Filters for more information about configuring filters for the page display.
In the displayed list, you can scroll the list to the right and view the Labels column.