Description | This article describes how to fix invalid pattern issues while consuming the Threat Feeds using the TAXII protocol. |
Scope | FortiSOAR, Threat Intel Management Solution Pack version <= 1.2.2. |
Solution |
'Fortinet FortiGuard Threat Intelligence' data ingestion gets configured automatically while installing the 'Threat Intel Management' solution pack on the FortiSOAR system.
As a result, 'Fortinet FortiGuard Threat Intelligence' data ingestions playbooks get created which contain a jinja value '{{vars.item.pattern | toJSON}}' This leads to incorrect characters being added to the pattern field when creating the 'Threat Intel Feeds' record in FortiSOAR.
Follow the below steps to fix this:
|