Configure Safeguards

Preparing for Jira 9.0

On this page

Still need help?

The Atlassian Community is here for you.

Ask the community

Safeguards, previously known as the Guardrails Tool, provide System Administrators with a new way to moderate a user group’s activity by setting a global limit on the number of specific items its members can create. For example, if you rely heavily on automation, you can limit the number of comments a bot account can add to an issue, which can help boost the performance of loading the issue view.

Additionally, the tool will send out email notifications at certain limit-approaching thresholds and can also collect information about attempts at breaching the limit in the audit log.

On this page

Configure comment limits

While Safeguards are enabled and configured with a comment limit by default, you may want to change the default values or define the user groups whose activity you want moderated automatically.

Restricting group activity may limit the group members' ability to perform actions that are explicitly or implicitly related to commenting:

  • bulk editing issues
  • importing instance backups
  • creating sample projects with prefilled data
  • commenting on issue transitions
tip/resting Created with Sketch.

You can determine which comment authors are the most active by running the following query on your database. This may be helpful in identifying bot accounts.

SELECT
	author,
    count(*) as "number of comments"
FROM
	jiraaction
WHERE
    actiontype='comment'
GROUP BY
	author
ORDER BY
	count(*)
	DESC
LIMIT 50;

You may also find it helpful to learn how to find the issues with the most issue link or comments.

To complete the configuration:

  1. Select Administration > System.
  2. On the General Configuration page, select Advanced Settings.
  3. Optionally, change the default value of 1000 for the jira.safeguards.issue.comments property to a different maximum number of comments per issue. The value of no limit ("-1") disables alerting and limiting functionality.

  4. Set the value of the jira.safeguards.config.restricted.groups property to a comma-separated list of groups that the limit should be applied to. 

    We recommend setting this value to the group containing accounts used for automation and artificial content generation (bot accounts). The default value of no group ("") implies that no group is being limited.

    Setting this property is not required if you're only interested in the notification feature.

  5. Select Update to save your changes.

Receive email notifications

As long as a limit is set, Safeguards will send email notifications to all System Administrators when:

  • 90% of the configured limit is reached
  • 100% of the configured limit is reached
  • an attempt at breaching the limit is made
  • the set limit is exceeded by 10% for the first time
  • the number of comments in an issue increases by another 10% above the set limit (at 120%, 130%, and so on)

To receive email notifications, set a global comment limit.

Collect audit log events

Safeguards can save information about blocking an account’s activity to the audit log.

To collect audit log events from the tool, set a global comment limit and a restricted group, and make sure that the end user activity audit coverage level is set to Full. Learn how to edit audit log settings

Detailed log information is also saved to the atlassian-jira.log file. Log events related to approaching or exceeding the limit are created at the WARN level. Alert events aren’t collected in the audit log if no user activity was blocked.

Disable Safeguards

To disable the feature entirely:

  1. Go to <JIRA_URL>/secure/admin/SiteDarkFeatures!default.jspa, where <JIRA_URL> is the base URL of your Jira instance.
  2. In the Enable dark feature text area, enter com.atlassian.jira.safeguards.disabled, and then select Add.

To re-enable the Safeguards, in the Site Wide Dark Features panel, find com.atlassian.jira.safeguards.disabled, and then select Disable.

Disable email notifications

To disable email notifications:

  1. Go to <JIRA_URL>/secure/admin/SiteDarkFeatures!default.jspa, where <JIRA_URL> is the base URL of your Jira instance.
  2. In the Enable dark feature text area, enter com.atlassian.jira.safeguards.email.notifications.disabled, and then select Add.

To re-enable email notifications, in the Site Wide Dark Features panel, find com.atlassian.jira.safeguards.email.notifications.disabled, and then select Disable.

Disabling email notifications has no effect on collecting log data in the atlassian-jira.log file and the audit log.

Last modified on Jul 19, 2022

Was this helpful?

Yes
No
Provide feedback about this article
Powered by Confluence and Scroll Viewport.