Skip to main content
Skip table of contents

Scanning Files Attached to Issues

By default, Security for Jira scans files attached to issues.

  • Most common document types are supported.

  • Any files which are 50MB or larger are skipped.

  • Archives (e.g. .zip, .rar, and .gz) are not supported yet.

Supported File Types

File Type

File Extensions

PDFs

.pdf

Microsoft Word Documents

.docx, .doc, .docm, .dotx, .dotm, .dot

Microsoft Excel Spreadsheets

.xlsx, .xls, .xltx, .xltm, .xslm, .xslb, .xlt,

Microsoft Powerpoint Presentations

.pptx, .ppt, .pot, .potm, .potx, .pps, .ppsm, .ppsx, .pptm

Microsoft OneNote Pages

.one

Email Messages

.eml, .msg, .oft, .pst, .mbox

XPS Documents

.xps

Rich Text Documents

.rtf

Ebooks

.epub

OpenOffice / LibreOffice Documents

.odt, .fodt, .ott

OpenOffice / LibreOffice Spreadsheets

.ods, .fods, .ots

OpenOffice / LibreOffice Presentations

.odp, .fodp, .otp

WordPerfect Documents

.wpd, .wp, .wpt, .qpw

Plain text formats

Any extension not listed above is scanned as plain text. For example, .txt, .csv, .html and source code files.

We do not currently support scanning “Strict OOXML” Office documents. These files will have either .docx, .pptx, or .xlsx extensions. When scanning, these files will be skipped, and will show up as unsupported in attachment scan exports.

Enabling and Disabling Attachment Scanning

We recommend leaving attachment scanning enabled, for the best security coverage. Nevertheless, you can turn attachment scanning on or off by navigating to the settings page, and toggling the “Scan attachments” setting.

localhost_2990_jira_plugins_servlet_soteri_settings copy 5.png

Exporting Information About Scanned Attachments

To get information about which attachments Security for Jira scanned, skipped, or failed to scan, you can export information about scanned attachments. These exports are CSV formatted with the following columns:

  • Issue key

  • Issue summary

  • File name

  • Attachment ID

  • File size

  • Scan status - will be one of the following:

    • UNSCANNED

    • SCANNED

    • FAILED

  • Reason for not scanning - If the file is not scanned, then this will have a reason code:

    • UNSUPPORTED_FORMAT

    • ENCRYPTED

    • TOO_BIG

    • PARSE_ERROR

    • NOT_FOUND

    • MALFORMED

    • EXCEEDED_MEMORY_LIMIT

  • Error message - an optional error message which may indicate why scanning the attachment failed.

From the Soteri Dashboard, you can export attachment scan information for all attachments in all projects you can view reports for:

From the Security Analysis page, you can export attachment scan information for a specific project:

You can also export this information using our REST API.

JavaScript errors detected

Please note, these errors can depend on your browser setup.

If this problem persists, please contact our support.