Configure Global Settings

To configure the WhiteHat Sentinel Plugin for JIRA® perform the following steps:

  1. From the JIRA® System Dashboard click on the gear icon.

    config global jira plugin 1

  2. Click on Manage apps.

  3. Log into an Admin account to manage the apps installed on JIRA®.

    config global jira plugin 2

  4. Click on Manage apps.

    config global jira plugin 3

  5. Select Configure Global Settings to configure the plugin connection to Sentinel. The following page is displayed.

    config global jira plugin 4

  6. Authenticate WhiteHat Sentinel Credentials.

    config global jira plugin 5

    1. Select a US, EU, or Other server.

    2. Type your API key in

      That a valid API key must be entered before the plugin can be used.

      To find out how to generate an API key on Sentinel (Please see Generating an API key.)

    3. To use an outbound proxy server, click on the radio button.

    4. Type in the Proxy Host name and the Proxy Port number.

    5. Type in your Username and Password to log into the proxy server.

    6. Click on Authenticate to check your connection.

  7. Optionally, Configure JIRA® Tickets. Select the relevant radio buttons to configure default updates for your tickets.

    1. To reopen closed tickets whenever a vulnerability’s status is updated in the WhiteHat Portal.

      config global jira plugin 6

    2. To close your existing tickets automatically if corresponding vulnerabilities are closed in the WhiteHat Portal.

  8. Optionally, configure the Vulnerability Content.

    Additionally, you can configure your tickets to view the retest status and notes or tags associated with a vulnerability.

    1. Select the relevant radio button to show responses from the Synopsys TRC team, when your team members ask questions about a vulnerability on Sentinel.

      config global jira plugin 7

  9. Optionally, configure Notification Settings.

    1. Select the relevant radio button to determine when alerts should be sent.

      config global jira plugin 8

    2. Then enter a comma-delimited list of the emails that should receive alerts.

  10. Optionally, make changes to the Advanced Configurations.

Each of the following actions can cause the Sentinel Plugin for JIRA® to consume more system resources to the expense of the Jira server and its other components or plugins:

  • Setting too small a syncing interval.

  • Setting too high a value for the maximum number of worker threads for Sentinel API.

  • Setting too high a limit on total vulnerabilities returned per API request.

  • Setting too small a time interval between ticket updates.

  • Setting too high a maximum character limit for issue fields.

    1. Select the Advanced Configurations checkbox.

      config global jira plugin 9

    2. Set Synching Interval (in minutes) set the interval at which Sentinel and JIRA® will be synched.

    3. Pause Synching for time interval set one or two daily time intervals during which synching will be paused. Select the Pause syncing for time interval 1 checkbox, to see the start and end time boxes for the first and, optionally, second period during which you want to pause synchronization.

    4. To pause synchronization between 8:30 and 9:30 a.m. and between 4:45 and 5:45 p.m., your entry should look like this.

      Each start and end time should be entered in hours (0-23) and minutes (0-59).

    5. Set Maximum Number of Worker Threads cap the number of API requests that can be in process at once.

    6. Ignore Certification for Sentinel API allows you to ignore any cert issues between your server and Sentinel.

      Do Not enable the option to Ignore certificates for Sentinel API, unless troubleshooting connectivity issues with the Sentinel server.

    7. Set Limit on Total Vulnerabilities Returned per API Request limit the number of tickets that can be created from a single request.

    8. Set Time Interval Between Ticket Updates set the minimum interval (in milliseconds) between ticket updates from the Sentinel API.

    9. Maximum character limit for issue fields set a maximum character length for your Summary, Description, and Comments fields. Tick the checkbox to set your preferred maximum. The default value for this field will match JIRA®'s global character limit, which is stored in 'jira.text.field.character.limit' and can be accessed from Administration>System>Advanced Settings. If you customize this value, it must be set to a value between zero and the maximum character limit set in 'jira.text.field.character.limit'.

    10. Configure Logging set the Logging level to the detail level desired from:

  • INFO

  • DEBUG

  • TRACE

    1. Log buffer size (lines) set the number of lines that will be retained in the log buffer.

      The Configure Logging default values are a Logging Level of INFO and a log buffer size of 1000 lines.
      config global jira plugin 10

      1. When you have completed the Global Configuration process, click on Save.