Import findings to Jira Server on a schedule

You can use the Veracode Integration for Jira to schedule automated imports of findings from the Veracode Platform to Jira.

The integration imports findings in order of severity, with higher severity taking precedence, then in order of creation date, with earlier findings taking precedence.

To complete this task:

1. In Jira, select Administration > Manage apps > Import Automation.

2. Select the Automate Flaw Import checkbox.

3. Select an import frequency: Hourly, Daily, or Weekly.

4. If you selected Daily, select a time. If you selected Weekly, select a day and time.

5. In the Import Limit field, enter the maximum number of static findings you want to import at one time for any application. Import limits do not apply to SCA findings. If you do not provide an import limit, the integration imports all findings found in Veracode scans.

6. If you want to override the general import limit for a particular application:

   a. Select the Override by Application checkbox.

   b. Select the Veracode custom field that determines the import limit for the application. If the Veracode custom field configuration is invalid, the integration ignores the override and applies the general import limit.

7. Under Import missing flaws, select the checkbox to attempt to import any flaws that have not imported into Jira. During the next automatic import only, the integration checks for and imports flaws that it has not imported. After the import has completed, this option clears automatically.

   For example, an application with flaws might have been in error during previous automatic imports. These flaws are likely in the Veracode Platform, but there are no issues for them in Jira. On the Monitoring and Troubleshooting page, if you see errors indicating that issues failed to import, select this option to attempt to import the missing flaws during the next automatic import.

8. Select Save.