Need help to automatically trigger playbook for specific FortiSIEM alerts in FortiSOAR

Forum|Forum|7 months ago
October 30, 2025
1 reply
417 views

Hi everyone,

I’m currently facing an issue in FortiSOAR. I’ve created a playbook that works fine, but it requires a manual trigger every time a new alert is created.

My goal is to have the playbook run automatically whenever a specific type of alert is generated from FortiSIEM (for example, based on alert name, severity, or category).

Could anyone please guide me on how to configure FortiSOAR so that the playbook is automatically triggered based on certain FortiSIEM alert criteria?

Thanks in advance for your help!

Best answer by schaudhari

Hi Raj,
You can choose your playbook trigger step as "On Create" and select the filter criteria based on alert name, severity, or category. This will trigger the playbook automatically when an alert with name containing certain key words and select severity or category is created

schaudhariAnswer

Staff

Hi Raj,
You can choose your playbook trigger step as "On Create" and select the filter criteria based on alert name, severity, or category. This will trigger the playbook automatically when an alert with name containing certain key words and select severity or category is created

Sign up

Login with SSO

Login to the community

Login with SSO

Scanning file for viruses.

This file cannot be downloaded