Skip to main content
All CollectionsInvestigate and respond
Create an automation rule

Create an automation rule

Create a Confluence automation rule from an alert or using a template.

Audrey Garcia avatar
Written by Audrey Garcia
Updated this week

Whether you need to buy your team some time to investigate or have a defined process for responding to alerts, automations may help your security team streamline their workflow and stay on top of alerts.

We leverage automations in Jira and Confluence to provide automation options for content scanning alerts. How does automation work with Guard Detect?

Create an automation rule from an alert

You can create automation rules directly from a content scanning alert.

To create an automation rule from an alert:

  1. In Guard Detect, select Alerts from the header.

  2. Navigate to the alert, and select the Automation icon.

  3. Select a template or create a new rule.

  4. Follow the prompts to configure the trigger and actions.

  5. Give your automation rule a name, and enable it when you’re ready.

Create an automation rule from Confluence

You can also create your rules directly in Confluence.

To create an automation rule:

  1. In Confluence, go to space automation or global automation.

  2. Select Create rule.

  3. Search for the Content scanning alert for Confluence trigger

  4. Follow the prompts to configure the trigger and actions.

  5. Give your automation rule a name, and enable it when you’re ready.

Create an automation rule from Jira

You can also create your rules directly in Jira. How to create automation rules in Jira

To create an automation rule:

  1. In Jira, go to project automation or global automation.

  2. Select Create rule.

  3. Search for the Content scanning alert for Jira trigger

  4. Follow the prompts to configure the trigger and actions.

  5. Give your automation rule a name, and enable it when you’re ready.

Test your automation

We recommend you test your rule in a single space first before rolling it out across all your product instances. This will help you identify any unexpected consequences and refine your automation rule.

There are a few known issues you should be aware of.

Restrict page action replaces existing restrictions

The Restrict page action replaces the existing page restrictions and does not currently support smart values. This means that when you automatically restrict the page, you may be locking the alert actor, page owner, and other contributors out of the page.

As a workaround, you can add the rule initiator to the restrictions, which means the alert actor at least can still access the page.

Smart values may not be available when page is restricted

if rule owner has no access to page (because its restricted) some smart values (that return data about the page itself) might not be available.

Not all actions are available for every Jira project type

Some actions, such as applying an issue security level, are only available for team managed projects or company managed projects. While we include these actions in the template, it’s easy to remove them or replace them with a different action.

Rule actor and connection owner may need access to Guard Detect

If you see a rule validation error that says the actor or connection owner (if the trigger has been configured as a cross-site trigger) needs access to Guard Detect, you will need to edit the rule details and choose a user who has Guard Detect admin permissions to run the rule.

Did this answer your question?