After upgrading to Jira 9, our audit reporting module stopped capturing CI/CD events from Jenkins and GitLab webhooks. We have application links configured for both tools, and the webhooks fire successfully (we can see activity in CI tool logs), but these events never appear in Jira’s audit log.
Our compliance team needs a complete audit trail showing when builds trigger, which deployment environments are updated, and who approved production releases. The advanced audit configuration shows categories for “Application access” and “Project events” but nothing CI-specific.
We tried adding scripted listeners to capture webhook payloads, but we’re unsure if Jira 9 changed how audit events should be written programmatically:
AuditRecord record = new AuditRecord("CI_BUILD");
record.setDescription("Build triggered");
auditManager.store(record);
Is there a Jira 9 compatibility issue with our CI integration apps, or do we need different event mapping configuration?
I faced similar issues after upgrading to Jira 9. The audit configuration categories changed significantly. Check if your CI integration apps are certified for Jira 9 - many older plugins don’t write to the new audit framework correctly. You might need updated versions of your Jenkins and GitLab connector apps.
Thanks for the insights. I checked our Jenkins and GitLab connector apps - both are older versions not certified for Jira 9. I also confirmed that webhook signatures weren’t configured. Are there specific configuration steps for enabling audit event capture from application links in Jira 9?
The scripted listener code you showed uses the old API. In Jira 9, you need to inject AuditService and use proper category enums. Also, application links now require webhook signatures to be validated before audit events are accepted. If your CI tools aren’t sending signed payloads, Jira silently drops the events. Check the application link configuration for webhook secret configuration and ensure your CI tools are configured to sign their webhook requests with that secret.
The root cause is definitely the Jira 9 audit framework changes. Before writing custom scripted listeners, update your CI integration apps first - that’s the proper solution.
Jira 9 Advanced Audit Configuration:
Go to Settings → System → Audit log configuration. Enable “Application link events” category. This wasn’t a default category in Jira 8 but is required in Jira 9 for CI/CD event capture.
Application Link Event Mapping:
For each application link (Jenkins, GitLab), edit the link configuration and navigate to the “Audit Settings” tab (new in Jira 9). Map webhook event types to Jira audit categories:
build.started → Application link events
deployment.completed → Application link events
approval.granted → Project events
Ensure webhook secrets are configured so Jira validates incoming payloads.
Scripted Listeners for Custom Audit Events:
If you need custom audit logic beyond what the CI apps provide, use the new AuditService API:
This properly registers events in Jira 9’s audit system.
CI Integration App Compatibility:
Verify your Jenkins and GitLab connector apps are Jira 9 compatible. Check the Atlassian Marketplace for updated versions. Older plugins using deprecated audit APIs won’t write events correctly in Jira 9. After updating apps, you may need to reconfigure application links to enable the new audit features.
Once you’ve updated the CI apps and configured audit categories properly, webhook events should appear in your audit log with full compliance traceability. The scripted listener approach should only be a fallback for events not covered by your CI integration apps.
For application link event mapping, I found that Jira 9 requires explicit audit category registration. The old automatic event capture doesn’t work anymore. Your scripted listener approach is on the right track, but the AuditRecord constructor signature changed. You need to specify the audit category explicitly and use the new AuditService API instead of the deprecated auditManager. The CI integration apps may need configuration updates to map their webhook events to Jira’s audit categories. Have you checked the application link configuration to ensure audit logging is enabled for remote events?
We had this exact problem. The issue was that Jira 9’s audit system requires apps to declare audit event types during installation. Third-party CI connectors that worked in Jira 8 don’t automatically get audit permissions in Jira 9. Check your app permissions in the administration panel - you might need to grant explicit audit write permissions to your CI integration apps.