Unlock Exclusive Benefits
Join Our Community Today!
Join our community and post in the forum to earn your exclusive Summer Badge! Become a member today!
LOGIN/REGISTER
CONTINUE AS A GUEST
- Support Forum
- Knowledge Base
- Customer Service
- Internal Article Nominations
- FortiGate
- FortiClient
- FortiADC
- FortiAIOps
- FortiAnalyzer
- FortiAP
- FortiAuthenticator
- FortiBridge
- FortiCache
- FortiCare Services
- FortiCarrier
- FortiCASB
- FortiConverter
- FortiCNP
- FortiDAST
- FortiData
- FortiDDoS
- FortiDB
- FortiDNS
- FortiDLP
- FortiDeceptor
- FortiDevSec
- FortiDirector
- FortiEdgeCloud
- FortiEDR
- FortiEndpoint
- FortiExtender
- FortiGate Cloud
- FortiGuard
- FortiGuest
- FortiHypervisor
- FortiInsight
- FortiIsolator
- FortiMail
- FortiManager
- FortiMonitor
- FortiNAC
- FortiNAC-F
- FortiNDR (on-premise)
- FortiNDRCloud
- FortiPAM
- FortiPhish
- FortiPortal
- FortiPresence
- FortiProxy
- FortiRecon
- FortiRecorder
- FortiSRA
- FortiSandbox
- FortiSASE
- FortiScan
- FortiSIEM
- FortiSOAR
- FortiSwitch
- FortiTester
- FortiToken
- FortiVoice
- FortiWAN
- FortiWeb
- FortiAppSec Cloud
- Lacework
- Wireless Controller
- RMA Information and Announcements
- FortiCloud Products
- ZTNA
- 4D Documents
- Customer Service
- Community Groups
- Blogs
- Support Forum
- Knowledge Base
- Customer Service
- Internal Article Nominations
- FortiGate
- FortiClient
- FortiADC
- FortiAIOps
- FortiAnalyzer
- FortiAP
- FortiAuthenticator
- FortiBridge
- FortiCache
- FortiCare Services
- FortiCarrier
- FortiCASB
- FortiConverter
- FortiCNP
- FortiDAST
- FortiData
- FortiDDoS
- FortiDB
- FortiDNS
- FortiDLP
- FortiDeceptor
- FortiDevSec
- FortiDirector
- FortiEdgeCloud
- FortiEDR
- FortiEndpoint
- FortiExtender
- FortiGate Cloud
- FortiGuard
- FortiGuest
- FortiHypervisor
- FortiInsight
- FortiIsolator
- FortiMail
- FortiManager
- FortiMonitor
- FortiNAC
- FortiNAC-F
- FortiNDR (on-premise)
- FortiNDRCloud
- FortiPAM
- FortiPhish
- FortiPortal
- FortiPresence
- FortiProxy
- FortiRecon
- FortiRecorder
- FortiSRA
- FortiSandbox
- FortiSASE
- FortiScan
- FortiSIEM
- FortiSOAR
- FortiSwitch
- FortiTester
- FortiToken
- FortiVoice
- FortiWAN
- FortiWeb
- FortiAppSec Cloud
- Lacework
- Wireless Controller
- RMA Information and Announcements
- FortiCloud Products
- ZTNA
- 4D Documents
- Customer Service
- Community Groups
- Blogs
FortiSOAR Discussions
- Fortinet Community
- Community Groups
- FortiSOAR
- Discussions
- FortiSOAR Multiple loop
Options
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Mute
- Printer Friendly Page
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
FortiSOAR Multiple loop
Hello everyone,
I am currently a beginner on FortiSOAR and I have a ‘problem’, using an API to retrieve a lot of information, I have a little trouble processing on FortiSOAR unlike using a standard programming language.
I'd like to process data like this:
items :
[0] :
id : xx
indicators :
[0] :
type : xxx
[1] :
type : xxx
[1] :
id : xx
indicators :
[0] :
type : xxx
[1] :
type : xxx
I can't figure out how to process each item as a unit first
then process the indicators as a unit and then carry out other actions.
Maybe the answer has already been given, but I couldn't find it.
if anyone can help me that would be great news
Best regards,
Solved! Go to Solution.
Labels:
- Labels:
-
FortiSoar
1 Solution
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hi @Dretzer,
I hope I have understood your question correctly.
Attached below is the playbook.json file where I have provided a solution to the mentioned problem.
Note: I have made a few field changes in your JSON data for better clarity and understanding. Here is the updated data I used:
{
"data": [
{
"id": "123",
"indicators": [
{ "type": "email", "value": "user1@example.com" },
{ "type": "ip_address", "value": "192.168.1.1" }
]
},
{
"id": "456",
"indicators": [
{ "type": "domain", "value": "example.com" },
{ "type": "url", "value": "https://example.com/page" }
]
}
]
}I hope this helps.
Junaid
Software QA Engineer - 1
Junaid
2 REPLIES 2
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hi @Dretzer,
I hope I have understood your question correctly.
Attached below is the playbook.json file where I have provided a solution to the mentioned problem.
Note: I have made a few field changes in your JSON data for better clarity and understanding. Here is the updated data I used:
{
"data": [
{
"id": "123",
"indicators": [
{ "type": "email", "value": "user1@example.com" },
{ "type": "ip_address", "value": "192.168.1.1" }
]
},
{
"id": "456",
"indicators": [
{ "type": "domain", "value": "example.com" },
{ "type": "url", "value": "https://example.com/page" }
]
}
]
}I hope this helps.
Junaid
Software QA Engineer - 1
Junaid
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hello,
Thank you for your reply,
This is the type of answer I was looking for.
Yours sincerely
Labels
-
FortiSoar
71 -
Connector
8 -
FortiSOAR v7.x
6 -
FortiSOAR v7.6
5 -
SOAR
5 -
playbooks
3 -
Jinja
3 -
Schedule
2 -
FortiSOAR 7.5
2 -
Threat Intel Management
2 -
FortiSOAR 7.4.0
2 -
Data Ingestion
1 -
Forcepoint
1 -
alert
1 -
HybridAnalysis
1 -
poonvert
1 -
Queued Workflow
1 -
FortiSOAR v7.4.x
1 -
Update Record Correlations
1 -
CMDB
1 -
crowdstrike
1 -
ution
1 -
enrichement
1 -
RegionalSOC
1 -
queue and shift management
1 -
Artificial intelligence
1 -
Microsoft Exchange Connector
1 -
Staging
1 -
External Postgresql DB
1 -
Vault
1 -
secret management
1 -
secrets
1 -
Content-Hub
1 -
FortiSOAR Awards
1 -
fields
1 -
related modules
1 -
templates
1 -
FortiSOAR 7.3.x
1 -
FortiSIEM
1 -
FortiGuard
1 -
FortiWeb
1 -
FortiEDR
1 -
upgrade
1 -
Machine Learning
1 -
performance
1 -
Azure
1 -
Admin Access
1 -
License
1 -
Arrow
1 -
Time
1 -
Trial
1 -
FortiSOAR v7.2.x
1 -
ClickHouse
1 -
Upgrading FortiSOAR
1 -
Playbook
1 -
People
1 -
TAXII
1 -
SOC
1 -
secops
1 -
FortiSASE
1 -
C
1 -
Asset
1 -
Threat feed
1 -
indicators
1 -
FortiAnalyzer
1 -
loops
1
Broad. Integrated. Automated.
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Security Research
Company
News & Articles
Copyright 2025 Fortinet, Inc. All Rights Reserved.