Re: Update Record Issue "Tenant"

sahirrao · 11-26-2024

Apologies for the delayed response. 1. **RCA:**: According to the STIX indicator specification, valid hash types include MD5, SHA-1, SHA-256, and SHA-512. STIX does not support VHash, SSDEEP, or Authentihash. Please map the VHash, SSDEEP, and Authent...

sahirrao · 11-14-2024

@Deep We need to troubleshoot the FortiGate to understand how the feeds are being consumed and mapped. We also need to replicate the same scenario in our lab. Please give us some time to do this.

sahirrao · 08-19-2024

Hi, Use {{vars.item['@id']}} as a indicatorIRI in reference step

sahirrao · 07-15-2024

You can update a global variable by selecting its name and specifying the updated value in the "FSR: Create/Update Global Variables" action within the Utility Connector.

sahirrao · 07-14-2024

Hi Yes, you can iterate {{vars.steps.Query_Violations.data.events}} in "for each" of the "Create Record" step in the playbook and map the "Alert" record field, like name, which will be mapped as {{vars.item.policyname}} and so on.

User Statistics

User Activity

Re: Threat Intel Management - Enable TAXII Server

Re: Threat Intel Management - Enable TAXII Server

Re: pass record IRI in loop for reference playbooks

Re: Update the value of a global variable in a playbook

Re: Iterating through an array with a simple loop

Re: Update Record Issue "Tenant"

Re: FortiSOAR Playbook Development Best Practices

Re: pass record IRI in loop for reference playbook...

KCS