FortiSOAR Knowledge Base
FortiSOAR: Security Orchestration and Response software provides innovative case management, automation, and orchestration. It pulls together all of an organization's tools, helps unify operations, and reduce alert fatigue, context switching, and the mean time to respond to incidents.
Article Id 285452
Description This article describes how to view the execution logs of FortiSOAR internal system playbooks.
Scope FortiSOAR v6.x and v7.x.

System playbooks in the FortiSOAR play a crucial role for the effective functioning of the system. These playbooks will get executed based on its trigger or schedules. By default, FortiSOAR exclude the System Playbook execution logs. To enable it, please follow the below steps.


  1. Go to the 'Playbook Execution Log' Button and select the '1 Tags Excluded'.


2023-11-20 10_50_51-System Notification and Escalation Playbooks _ Collections _ Playbooks and 4 mor.png


  1.  On the 'Filter Logs By Tags' model, select the 'Only Include' and apply Filter.


2023-11-20 10_57_30-System Notification and Escalation Playbooks _ Collections _ Playbooks and 4 mor_2.png


The selected option will only show the executed logs of the system playbook. However, it is also possible to see both the system playbook and other playbook logs by removing the system tag and Apply filter. Administrators can also set these filters as default to FortiSOAR users.