FortiSOAR Knowledge Base
FortiSOAR: Security Orchestration and Response software provides innovative case management, automation, and orchestration. It pulls together all of an organization's tools, helps unify operations, and reduces alert fatigue, context switching, and the mean time to respond to incidents.
sramanujam
Staff
Article Id 321874
Description

This article describes an issue where the Utility connector 3.3.0 parses HTML tags as file indicators while extracting artifacts.

This typically occurs when records contain formatted HTML tables in the description, aimed at enhancing the SOC analyst's understanding.

 


Scope

FortiSOAR v7.4.x, v7.x.

Solution

Step 1: Take a backup of the patterns.ini file:


# cp /opt/cyops/configs/integrations/connectors/cyops_utilities_3_3_0/patterns.ini /opt/cyops/configs/integrations/connectors/cyops_utilities_3_3_0/patterns.ini.bk

 

Step 2: Update the file path pattern:


# vi /opt/cyops/configs/integrations/connectors/cyops_utilities_3_3_0/patterns.ini
[Filepath]
pattern: \b[A-Z]:\\[A-Za-z0-9-_\.\\]+\b

 

Step 3: Restart the uWSGI service:


# systemctl restart uwsgi.service

 

Note:

Take a snapshot of the VM before making any changes to the system.
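
A quick check of the Step 2 pattern before restarting uWSGI, as an added example that is not part of the original article or Fortinet's code. It assumes the connector applies the pattern with Python `re` semantics; the HTML description, host names and file names are constructed sample data.

```python
import configparser
import re

# Constructed copy of the [Filepath] section from Step 2 (the pattern is the article's).
PATTERNS_INI = r"""
[Filepath]
pattern: \b[A-Z]:\\[A-Za-z0-9-_\.\\]+\b
"""

# Constructed record description containing a formatted HTML table.
SAMPLE_DESCRIPTION = r"""
<table border="1"><tr><th>Host</th><th>File</th></tr>
<tr><td>ws-042</td><td>C:\Users\alice\AppData\Local\Temp\inv-0621.exe</td></tr>
<tr><td>ws-043</td><td>C:\Program Files\Tool\run.dll</td></tr></table>
<p>See /var/log/messages on the collector.</p>
"""


def load_filepath_pattern(ini_text):
    """Read the [Filepath] pattern; interpolation is off so the regex stays literal."""
    parser = configparser.ConfigParser(interpolation=None)
    parser.read_string(ini_text)
    return re.compile(parser["Filepath"]["pattern"])


def extract_filepaths(text, regex):
    """Return every substring the pattern would flag as a file path."""
    return regex.findall(text)


if __name__ == "__main__":
    rx = load_filepath_pattern(PATTERNS_INI)
    for hit in extract_filepaths(SAMPLE_DESCRIPTION, rx):
        print(hit)
```

With this pattern no HTML tag in the sample is extracted, but the second hit is cut at the first space (`C:\Program`) and the Unix-style path is not extracted at all.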
