Showing results for 
Search instead for 
Did you mean: 
Sign up Log in

Create Notifications from Audit Log Activities using Automation


You have Jira Audit Logs, however they can be a pain to navigate. Instead, why not create notifications based on certain Audit Log Activities? This would enable Users/Admins to know when a Workflow/Email Channel/Permission Scheme, etc. was updated, allowing you to know exactly when a certain Audit Log Activity occurred. This can be achieved using Automation, in addition to Opsgenie.

However this is possible using other REST APIs as well, but the syntax will change slightly when sending the data from the Automation Rule.


How do we set this up using Automation for Jira and Opsgenie?

First we will need:

  • An Atlassian API Token tied to your account to obtain the Audit Log data from, using a GET Web Request Action in the Automation Rule
    • You will need to also base64 encode your email address and this API token using the Authorization Basic format for the headers section of your GET Web Request Action. You can use this link as an example to base64 encode your email and the token (with the format of email:token please do include the colon as well):
  • An API Key from a Default API Integration in Opsgenie, which will be used with the POST Web Request Action in the Automation Rule to send the Audit Log data to Opsgenie
    • Please ensure that your Opsgenie Default API integration allows for Read, Create, Update, and Delete access and is also enabled

Second, we setup the Automation Rule:

  • Create a Scheduled Automation Rule using the Scheduled Trigger to run every 1 hour (as an example)
  • Create a GET Web Request Action using Basic Authorization and Accepting JSON. This will use a Web Request URL similar to the code below. Please note: The ?filter=component is used to determine the type of Audit Log record that is going to create an Opsgenie Alert. So you can change component to another keyword found in the Audit Logs. To add, this value is based on a String value found in the Change Summary of the Audit Logs in Jira:

Screen Shot 2022-10-27 at 11.41.34 AM.png

Web request URL:{{now.minusdays(3).jiraDateTime.urlencode}}&filter=component
  • So for informational purposes the {{now.minusdays(3) will look at the time now, and back 3 days in time and use the Jira Date/Time format from .jiraDateTime.urlencode}} which will format the data and encode it correctly as we are using smart value variables:

Screen Shot 2022-10-27 at 11.21.53 AM.png

  • Afterwards, we setup an Advanced compare condition with the value of: {{webResponse.body.records}} that Does Not Equal Empty to ensure the Rule creates an Opsgenie Alert, only when there is content in the Web Response Body.
  • Then we will create a Smart Value Variable Advanced Branch of: {{webResponse.body.records}} and name it log, so we can later reference the web response body in the POST API call to Opsgenie. So move the Audit Log data from the GET to the POST simply by referenced the web request response from the initial action.
  • Lastly, we will setup the POST Web Request Action to Opsgenie using the Alert API, using the GenieKey (API Key) for the Default API integration in Opsgenie. This will have a Web Request URL of: and have Headers of: Authorization GenieKey APIKEYFROMOPSGENIEINTEGRATION
  • This POST Web Request Action will use Custom Data, formatted like this, using values found in the Alert API in Opsgenie.
    • We are first debugging the data to log it to the Audit Log of the Automation Rule, and then including the formatting of the content to send into the Alert, based on the fields available in the Alert API
"message": {{log.summary.asjsonstring}},
"alias": "{{#now}}format="toMillis"{{/}}",
"description": "{{#log.changedvalues}}Value: {{fieldName}} - Old: {{changedFrom}} - New: {{changedTo}} \n{{/}}",
"tags": ["automation"],
"details": {
"category": {{log.category.asjsonstring}}
"priority": "P4"

Screen Shot 2022-10-27 at 11.34.26 AM.png

  • Once this runs on the Scheduled timeframe or is manually ran, it will create an Alert that will look like the following:

Screen Shot 2022-10-27 at 11.09.45 AM.png

  • Side note: Please ensure that you have Delay execution of subsequent rule actions until we've received a response for this web request set to True/Checked for both Web Request Actions

Additional Articles relating to this configuration:


I hope this helps allow you to receive notifications on various Audit Log Actions and enable you to keep track of changes in your Jira site. :)


Christian B.


Vaishali Patil October 27, 2022


I get an 401 error for the send web request

"Basic authentication with passwords is deprecated. For more information, see:"


I am using the api token.. How do I fix it?




Christian Beaulieu
Atlassian Team
Atlassian Team members are employees working across the company in a wide variety of roles.
October 27, 2022

Hi @Vaishali Patil you need to base 64 encode your email address and API token. I will update the article to mention this too. :) 

Like Vaishali Patil likes this
Pramodh M
Community Leader
Community Leader
Community Leaders are connectors, ambassadors, and mentors. On the online community, they serve as thought leaders, product experts, and moderators.
October 27, 2022

@Christian Beaulieu 

Great, Thanks for sharing!!

How about some activities logged via Webhooks, we can instead use the webhooks. Any thoughts

Christian Beaulieu
Atlassian Team
Atlassian Team members are employees working across the company in a wide variety of roles.
October 27, 2022

@Pramodh M I'm sure that might be possible, but just to be clear, that is not the intention of this article specifically. I can explore this as a different Article topic in the future :)

Thanks for the suggestion!


Christian B.

Like Pramodh M likes this


Log in or Sign up to comment
AUG Leaders

Atlassian Community Events