Technical Note: [FortiSOAR / Cybersponse Tricks'n'Tips] Playbook which shows usage of Different Jinja Functions

Introduction

This attached playbook shows how can we use different jinja functions i.e.(mathematical,unique value,json to yaml conversion etc)

Challenge

Sometimes user need to use different values from alerts, incidents records form there user may require to find out unique values, may need to convert a json to yaml, find out maximum occurrence from a list there are many more things like that which user would need to find out.

Solution

Playbook

This Playbook will first generate values by setting them through configuration and then fetching different values by using jinja expression from those variables.

How to use

1) Import the attached Playbook

2) To run the playbook go to alert page select any alert and execute the PB

3) Playbook Flow 

In the Above Playbook, there are three steps

1st step is for Trigger of Playbook

2nd step is where we are generating different values

Num_LIST1  [1,3,5,23,5,76,7,0]

3rd step is where we are using Jinja for evaluating those above values

U_List1  {{vars.Num_LIST1 | unique }}

Output

1

3

5

23

76

7

0