Problem

The Monitor Security Threats feature in Confluence allows administrators to receive notifications when certain actions occur in the application. This also advises that specific alerts can be disabled using the plugin.lighthouse.disabled.alert.types system property. However, adding the system property for disabling the security alerts related to announcement banner changes doesn't take effect. These include the following:

• announcement-banner-added

• announcement-banner-deleted

• announcement-banner-updated

Environment

Tested in Confluence 9.2.1 and 9.3.1

Steps to Reproduce

• Stop Confluence
• Edit the setenv.sh file and add the following system property:

CATALINA_OPTS="-Dplugin.lighthouse.disabled.alert.types=announcement-banner-added,announcement-banner-deleted,announcement-banner-updated ${CATALINA_OPTS}" 

• Restart Confluence
• Navigate to > General Configuration > Custom HTML
• Click on the Edit button
• Add the following to the At beginning of the BODY field

  <!-- Message Banner -->
  <div style="background-color: yellow; border: 2px solid red; margin: 4px; padding: 2px; font-weight: bold; text-align: center;">
  Changing this.. Making a change
  </div>
  

• Click on the Save button

Expected Results

Changes to the announcement banners in Confluence are applied, and there are no events related to the change added to the Security Alerts

Actual Results

Changes to the announcement banner are applied, but the Security Alerts regarding them are still present

Workaround

Notes

If we disable all alerts, the alerts are actually disabled. However, this isn't viable, as it completely removes all alerts.