Splunk Search

What is the rest API in Splunk?

Harish2
Path Finder

I have a Splunkbase app called Jira Issue Collector. Inputs have been configured, and we are receiving data from Jira into Splunk.
But I want to know where it is taking the data from, like whether any REST API is mentioned for it, and if so, how I can check which API they used for this data to come into Splunk.
How can I check that in Splunk?

0 Karma

Tom_Lundie
Contributor

Can you share the link to the Splunkbase App that you're talking about please? There are a few JIRA Issue Collectors on Splunkbase.

0 Karma

Harish2
Path Finder

Hi @Tom_Lundie

I am not sure how to tell that exactly, but in Splunk I see the app name as "Jira Issue collector".
When I searched Google with this app name I got this:
https://splunkbase.splunk.com/app/4814

But I am not sure the same one is used in my Splunk environment.
Is there any way to check and confirm?


0 Karma

Tom_Lundie
Contributor

I can't find any apps in SplunkBase that are named "Jira Issue Collector" in Splunk.

If you go into Splunk > Apps > Manage Apps

Can you find the JIRA app and share the folder name? That might help to track it down.

Also, in general for JIRA the way issues are ingested externally is to leverage a JQL search via API.

For JIRA Server (on-prem) this looks like:

http://jira-server:port/rest/api/2/search?jql=

For JIRA Cloud this looks like:

https://your-domain.atlassian.net/rest/api/3/search?jql=

These will list all issues, but you can use specific JQL in the same way that you would use it within JIRA to retrieve specific issues.

0 Karma

Harish2
Path Finder

Hi @Tom_Lundie,

The folder name is TA-jira-issues-collector

0 Karma

Tom_Lundie
Contributor

Ah-ha, yeah, that TA is archived. However, this TA is on GitHub and it aligns with what I was saying in my previous answer.

See line 25 of jira_issues_collector.cc.json; it uses the search REST API for Jira Server that I mentioned before.

0 Karma

Harish2
Path Finder

Thank you for that.
As I said before, we are seeing Jira data in Splunk. But now I want to see the Jira comments, worklog, history and activity data in Splunk.
How can I do this?

0 Karma

Tom_Lundie
Contributor

This TA also supports a comments input. Given that it’s archived and unsupported, I would typically recommend upgrading to a different TA. However, there doesn’t appear to be anything up-to-date for JIRA server.

Why don’t you try adding a comment stanza based off the default one defined in the default inputs.conf?

0 Karma

Harish2
Path Finder

Hi @Tom_Lundie

Okay, now I installed a new app, ta-jira-issue-input,
but while adding a new input there is a field called "jira account". What should I give there?

From this app, if I want to get the comments, worklog and activity details, how can I do so?

0 Karma

Tom_Lundie
Contributor

Hi Harish,

Originally, you were asking about which JIRA REST APIs your TA is using, now you're asking for help with the configuration of a completely different TA.

I am happy to help on this occasion, but next time you should either be more clear with what you're trying to achieve in your original question or start a different question. This will enable the community to help you better and help others searching for this in the future.

That being said, to configure this TA, try the following configuration in the TA's ./local directory.
(This config will ingest all issues, in 10-minute windows, capturing the comments and worklog too. Feel free to add your fields to the issue_fields parameter.)

inputs.conf

[jira_issue://<<insert_name_here>>]
index = <<your_jira_index>>
interval = 600
jql = updated > -10m
issue_fields = summary,description,project,creator,assignee,reporter,comment,worklog
service_account = jira_svc_account

ta_jira_issue_input_account.conf

[jira_svc_account]
username = <<jira_svc_account_uname>>
password = <<jira_svc_account_pwd>>
jira_server = <<jiraserver:jiraport>>
verify_jira_server_certificate = <<1|0>>


P.S. This TA is not a true modular input, in that it does not store timestamps to make sure that you don't miss issues. Instead, it polls every 10 minutes for the last 10 minutes worth of updates. If an update falls just between runs or the TA fails to run for 10 minutes you will not ingest the issue, so please bear that in mind.

0 Karma
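
Added example (not part of the thread and not the TA's code): a small simulation of the gap described in the P.S. above, comparing a fixed 10-minute look-back with a poller that resumes from a saved checkpoint. The issue keys, timestamps and run schedule are constructed, `search()` is a stand-in for the JQL search call, and nothing here implies that the TA itself supports checkpoints.

```python
from datetime import datetime, timedelta

WINDOW = timedelta(minutes=10)
D = datetime(2024, 1, 1)  # constructed date for the sample below

# Constructed sample: (issue key, time the issue was last updated in Jira).
UPDATES = [
    ("SEC-1", D.replace(hour=9, minute=9, second=30)),
    ("SEC-2", D.replace(hour=9, minute=14)),  # falls in the skipped 09:20 run
    ("SEC-3", D.replace(hour=9, minute=27)),
]
# Constructed schedule: the 09:20 run never happened (e.g. a restart).
RUNS = [D.replace(hour=9, minute=10), D.replace(hour=9, minute=30)]


def search(start, end):
    """Stand-in for a JQL search: updated >= start AND updated < end."""
    return [(key, ts) for key, ts in UPDATES if start <= ts < end]


def jql_since(checkpoint):
    """JQL clause for an absolute lower bound (JQL dates have minute resolution)."""
    return 'updated >= "%s"' % checkpoint.strftime("%Y/%m/%d %H:%M")


def poll_fixed_window(runs):
    """Behaviour from the P.S.: each run asks only for the last 10 minutes."""
    found = []
    for now in runs:
        found += [key for key, _ in search(now - WINDOW, now)]
    return found


def poll_with_checkpoint(runs, first_start, overlap=timedelta(minutes=1)):
    """Resume from the saved checkpoint minus a small overlap, and de-duplicate
    on (key, updated) so re-read events are not indexed twice."""
    checkpoint, seen, found = first_start, set(), []
    for now in runs:
        for event in search(checkpoint - overlap, now):
            if event not in seen:
                seen.add(event)
                found.append(event[0])
        checkpoint = now  # in a real input: persist only after a successful run
    return found


if __name__ == "__main__":
    print("fixed window:", poll_fixed_window(RUNS))
    print("checkpointed:", poll_with_checkpoint(RUNS, D.replace(hour=9)))
    print("next query  :", jql_since(RUNS[-1] - timedelta(minutes=1)))
```

With the skipped run, the fixed window never sees SEC-2, while the checkpointed poller picks it up on the next run and the overlap re-read of SEC-1 is dropped by the de-duplication.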