Hi Experts, I want to get the IP Reputation whenever its expiryDate
reaches. Explanation: Whenever we add the IP in SOAR, its
expiry date is set through OOB playbook "Indicator - Set Default
Expiry Date". This playbook is in the "IRP ...
Hi Team, We have the statuses for Alerts and Incidents. These are: For
Alerts: Open, Investigating, Pending, Closed, Re-opened. For Incidents:
Open, Awaiting, Resolved, Inactive. We can only add the notes when Alert
status is "Closed" or if the Incidents...
Hi Experts! We are ingesting the "Offenses" from QRadar SIEM to
FortiSOAR. My ingestion schedule is configured for every 15 minutes. In
QRadar, what happens, when an offense is generated, it has few events in
it. As long as the offense is not closed,...
Hi Experts! Kindly suggest some best practices to configure the backup
and restore mechanism of the FortiSOAR data and configuration file? The
idea is to use the backed-up file (data and configuration) and restore
the FortiSOAR again with minimum dow...
Hi Team, I have FSR7.3.x. I have installed and configured the Arbor DDoS
connector in FSR. Now I want to block the IPs on Arbor DDoS through
SOAR. But when I see the actions available in the connector, the Block
IP or Block IoCs kind of action is not ...
@jankit6 If we see the playbook execution logs, and check any active,
awaiting playbooks, it shows nothing. Can you please let us know how can
we find out which playbook is causing the queue? Regards, Burhan
Hi Experts! I want to add one point for performing IP Reputation of bulk
IPs on multiple threat intel platforms. Like, if I want to get the
latest reputation of say, 10 IPs, from VirusTotal, FortiGuard Threat
Intel, Kaspersky Threat Intel. (I have al...
Hi Amit, Thanks for the response. I would like to add our SOC duty
roster in CSV format as per the attachment here. Can we
upload this CSV file and create our shift using this CSV file?
Hi Team, Need support on two points that have already been mentioned
earlier, but I am summarizing it here: 1- A report from last shift: Let's
say, shift duration is 8 hours. So in last 8 hours how many alerts were
closed, and how many alerts are open...
Hi, the command: #csadm db --backup BackupDirectoryPath
--exclude-workflow --exclude-audit didn't work for me. I changed the
BackupDirectoryPath with the actual directory path in my system. Screenshot
is attached for your reference. Kindly suggest fu...