Use the FortiSOAR Rapid Development Kit (RDK) to efficiently create third-party integrations (connectors) and other utility code snippets for FortiSOAR. This add-on simplifies the process of creating the following:
FortiSOAR Rapid Development Kit Version: 1.0.0
PyCharm Version Tested on: 2022.2.3
Authored By: Fortinet
Certified: Yes
Download the FortiSOAR RDK (fortisoar-rdk-pycharm-1.0.0-19.zip) that is attached to this document and extract its contents on your system and then perform the following steps in your PyCharm Utility.
Open your PyCharm utility and select Plugins. On the Plugins screen, click Settings and then select the Install Plugin from Disk option. In the Choose Plugin File dialog, navigate to where the FortiSOAR RDK zip file is located on your system, and then click OK.
Once the FortiSOAR add-on gets installed, you will see the FortiSOAR RDK option in the 'Main Menu' and 'Tool Window' on the right sidebar as shown in the following image:
Open your project and click the FortiSOAR RDK option from the 'Tool Window' on the right sidebar to perform the following actions using the FortiSOAR add-on:
Using the FortiSOAR RDK option from the 'Main Menu' you can perform the following actions:
Before you begin working on creating connectors or updating existing connectors, ensure that the Python path of your project is correctly configured.
To configure the Python path for your project, click FortiSOAR RDK from the 'Tool Bar Menu' and click the Configure Python Path option. In the Python Path field, specify or navigate to the path where Python is installed on your system and click Update:
To create a new FortiSOAR connector, click FortiSOAR RDK from the 'Tool Bar Menu' and then select the Create New FortiSOAR Connector option, to open the New FortiSOAR Connector dialog.
In the New FortiSOAR Connector dialog, specify the following parameters:
| Parameter | Description |
|---|---|
| Display Name | Specify the name of the connector you want to create. This is the name that will be displayed on the FortiSOAR UI. |
| API Name | The API name is used as a variable in the connector code to reference this connector and this field is auto-filled once you specify the 'Display Name'. The variable that you use here can be alphanumeric; however, it should not contain any special characters and it must not start with a number. Note: The value that you enter in this field must not match the name of any other connector that is available in the Connector Store or Content Hub. For example, you cannot enter ' virustotal' in this field, since the VirusTotal connector is available in Content Hub. |
| Version | Specify the version of the connector you want to create in the x.y.z format. For example, 1.0.0. |
| Description | Specify the description of the connector you want to create. The information added in this field is displayed on the Connector card on the Content Hub's listing page and enables users to understand more about the connector. |
Once you complete entering the required values in the 'New FortiSOAR Connector' dialog, click OK. Clicking OK displays, a success message and opens the info.json file of the connector. This also opens the Details tab in FortiSOAR RDK with the API Name you have specified, 'demo' in our example:
Use the Details tab to view (and edit) the details of the connector. The Details tab displays the parameters you specified in the 'New FortiSOAR Connector' dialog. You can edit those parameters (except the 'API Name'), and you can specify the following optional parameters:
| Parameter | Description |
|---|---|
| Publisher | Specify the name of your organization as the publisher of this connector. The publisher of the connector is responsible for maintaining and supporting the connector. If you want to keep the connector anonymous, then you can add the "Community" keyword. If this field is left blank, again the connector's publisher is automatically set to "Community". Note: Do not enter "Fortinet" in this field. |
| Doc URL | Specify the URL that contains the documentation for the connector you want to create. This URL will open when you click the Documentation link on the Connector Configuration popup in FortiSOAR. |
| Category | Select the category of the connector you want to create. For example, Threat Intelligence connectors, Ticketing connectors, etc. |
| Connector Logo | Click ... to open the Select Image File button to browse to the location where you have saved the connector logo that you want to associate with the connector. The Connector icon is displayed on the Content Hub pages and the Sample Playbooks page for that connector. Note: The size of the connector logo is 40 X 40 pixels |
| Attributes | Specify the attributes associated with the connector. Currently, you can select only the Certified attribute, if the connector is to be approved by FortiSOAR. |
Once you update the parameter values on the Details tab, click Save to save these changes and update the info.json file. For example, if you have selected the Certified option, you will see that the value of the "cs_approved" parameter in the info.json file is updated to "true". Similarly, the "category" parameter is updated to "Threat Intelligence":
On the Details tab, you can also perform the following actions:
playbooks.json file in the 'playbooks' folder in your project directory..html and .md formats in the 'docs' folder in your project directory.test_<operation_name>.py. For existing connectors, you must manually create this file, if you want to run unit tests for your newly-added operations.requirements.txt file in your project..tgz format, in the same project directory. You can use this .tgz file to import the connector into a FortiSOAR instance.Use the Configuration tab to add configuration parameters for your connector. The parameters you define on this tab get displayed on the Connector Configuration popup when you click the connector card in 'Content Hub'.
To add a new configuration parameter, click the Add Config Fields tab:
Click Add Argument to display a form in which you can add the details for the configuration parameters:
| Parameter | Description |
|---|---|
| Display Name | Specify the name of the configuration parameter you want to add to your connector. This name is displayed on the Connector Configuration popup. For example, Server URL. |
| API Name | The name that is used as a variable in the connector code to reference this parameter. Note: The API Name field is auto-filled once you specify the 'Display Name'. |
| Type | Select the type of field that you want to create for the configuration parameter. For example, Text, Integer, etc. For our example, the Server URL parameter is a Text type field. |
| Value | (Optional) Specify the default value for the parameter. |
| Placeholder | (Optional) Specify the placeholder text for the parameter. |
| Tooltip | (Optional) Specify the tooltip for the parameter. |
| Description | Specify the description for the configuration parameter you are adding to the connector. The information added in this field is used for generating the connector document. |
| Attributes | Specify the attributes associated with the configuration parameter you are adding to the connector. You can select the following attributes:
|
Once you have added all the required parameters for the configuration field, click Save to save the configuration parameter in the "configurations":{ section of the info.json file. You can similarly add more configuration parameters such as Server Port, etc.
Next, click the Configure tab, from the Select Configuration drop-down list select the configuration with which you want to associate the created configuration parameters. To add a new configuration, click Add New, and in the Config Name field enter the name of the configuration, for example, Default Config. You can also edit or add the default values of the configuration parameters that you had specified while adding the configuration parameters, for example in the server_url field, you can update "www.demo.com" to "www.example.com" and in the server_port field, you can enter "443", and then click Save:
You can add multiple configurations for a connector and can click the View All button to view all the defined configurations.
You can also perform the following actions on the Configure tab:
check_health function and displays its output enabling you to determine if the configuration parameters are correctly defined:
Use the Operations tab, to add actions that can be performed by your connector, and in the Add New Operation form, specify the following parameters for the new operation:
| Parameter | Description |
|---|---|
| Display Name | Specify the name of the operation you want to add to your connector. This name is displayed on the Actions & Playbooks tab of the Connector Configuration popup. For example, Get IP Reputation. |
| API Name | Specify the name that would be used as a variable in the connector code to reference this parameter. Note: The API Name field is auto-filled once you specify the 'Display Name'. |
| Endpoint | (Optional) Specify the endpoint on which you want to run this operation. |
| Method | Select the method to be used to run this operation. You can choose from options such as GET, POST, DELETE, CONNECT, etc. |
| Description | Specify the description for the operation that you are adding to the connector. The information added in this field is used for generating the connector document. |
| Generate Default Operation Code | Select this option to generate the default code for the operation. Note: This option overwrites the contents of the operations.py file that is present in your project directory. |
Once you have entered all the required parameters for the operation, click Create. This creates a new .py file with the operation name, for example, get_ip_reputation.py, and also adds the operation details in the "operations":{ section of the info.json file:
To add arguments to the operation, click the Arguments tab. On the 'Arguments' tab, click Add Argument and then in the displayed form add the parameters for the argument:
| Parameter | Description |
|---|---|
| Display Name | Specify the name of the input parameter you want to add to the operation. For example, IP Address |
| API Name | The name that is used as a variable in the connector code to reference this parameter. Note: The API Name field is auto-filled once you specify the 'Display Name'. |
| Type | Select the type of field that you want to create for the input parameter you want to add to the operation. For example, Text, Integer, etc. For our example, the IP Address parameter is a Text type field. |
| Value | (Optional) Specify the default value for the input parameter. |
| Placeholder | (Optional) Specify the placeholder text for the input parameter. |
| Tooltip | (Optional) Specify the tooltip for the input parameter. |
| Description | Specify the description for the input parameter you are adding to the operation. The information added in this field is used for generating the connector document. |
| Attributes | Specify the attributes associated with the input parameter you are adding to the operation. You can select the following attributes
|
To add another input parameter, click Add Argument and follow the same procedure. Once you have added all the required parameters for the input parameter field for the operation, click Save to save the input parameters. This adds the parameters and their details within the "operation":{ section of the info.json file: in the "parameters":{ section. For example, the "IP address" parameter in the "Get IP Reputation" operation: :
To test run the added operation with some sample input parameters, click the Execute Tab, and from the Select Config drop-down list select the configuration to be used to execute the operation. This runs the operation and displays its output enabling you to determine if the input parameters are correctly defined. For example, select Default Config from the Select Configuration drop-down list and enter an example IP address such as 1.1.1.1 in the ip_address field, and click Run:
Click Reset to reload the fields as per their last saved value.
You can add new operations in a similar manner, by clicking the All tab and then clicking Add New Operation, and then further adding the details and arguments to that operation:
You can also perform the following actions on the All tab:
To import an existing FortiSOAR-compatible connector and then make updates or changes to this connector, click FortiSOAR RDK from the 'Tool Bar Menu' and select the Import FortiSOAR Connector option. In the Open dialog, navigate to the location on your system where the .tgz file of the connector is saved, and then click Open. This imports the connector in the current project directory, where you can update the connector as per your requirements using the processes described in Creating a new FortiSOAR Connector topic.
You must note the following if you are importing and editing a connector developed outside FortiSOAR RDK, i.e., exporting an existing connector from FSR such as 'VirusTotal' and then importing it to FortiSOAR RDK:
operations.py file. Therefore, in this case, the info.json file gets populated with the information of the new operation; however, you require to manually add the functions and mappings of the existing (previous) operations to the operations.py file.info.json file; however, the operation.py file has to be manually updated.fortisoar-rdk-pycharm-1.0.0-19.zip
Use the FortiSOAR Rapid Development Kit (RDK) to efficiently create third-party integrations (connectors) and other utility code snippets for FortiSOAR. This add-on simplifies the process of creating the following:
FortiSOAR Rapid Development Kit Version: 1.0.0
PyCharm Version Tested on: 2022.2.3
Authored By: Fortinet
Certified: Yes
Download the FortiSOAR RDK (fortisoar-rdk-pycharm-1.0.0-19.zip) that is attached to this document and extract its contents on your system and then perform the following steps in your PyCharm Utility.
Open your PyCharm utility and select Plugins. On the Plugins screen, click Settings and then select the Install Plugin from Disk option. In the Choose Plugin File dialog, navigate to where the FortiSOAR RDK zip file is located on your system, and then click OK.
Once the FortiSOAR add-on gets installed, you will see the FortiSOAR RDK option in the 'Main Menu' and 'Tool Window' on the right sidebar as shown in the following image:
Open your project and click the FortiSOAR RDK option from the 'Tool Window' on the right sidebar to perform the following actions using the FortiSOAR add-on:
Using the FortiSOAR RDK option from the 'Main Menu' you can perform the following actions:
Before you begin working on creating connectors or updating existing connectors, ensure that the Python path of your project is correctly configured.
To configure the Python path for your project, click FortiSOAR RDK from the 'Tool Bar Menu' and click the Configure Python Path option. In the Python Path field, specify or navigate to the path where Python is installed on your system and click Update:
To create a new FortiSOAR connector, click FortiSOAR RDK from the 'Tool Bar Menu' and then select the Create New FortiSOAR Connector option, to open the New FortiSOAR Connector dialog.
In the New FortiSOAR Connector dialog, specify the following parameters:
| Parameter | Description |
|---|---|
| Display Name | Specify the name of the connector you want to create. This is the name that will be displayed on the FortiSOAR UI. |
| API Name | The API name is used as a variable in the connector code to reference this connector and this field is auto-filled once you specify the 'Display Name'. The variable that you use here can be alphanumeric; however, it should not contain any special characters and it must not start with a number. Note: The value that you enter in this field must not match the name of any other connector that is available in the Connector Store or Content Hub. For example, you cannot enter ' virustotal' in this field, since the VirusTotal connector is available in Content Hub. |
| Version | Specify the version of the connector you want to create in the x.y.z format. For example, 1.0.0. |
| Description | Specify the description of the connector you want to create. The information added in this field is displayed on the Connector card on the Content Hub's listing page and enables users to understand more about the connector. |
Once you complete entering the required values in the 'New FortiSOAR Connector' dialog, click OK. Clicking OK displays, a success message and opens the info.json file of the connector. This also opens the Details tab in FortiSOAR RDK with the API Name you have specified, 'demo' in our example:
Use the Details tab to view (and edit) the details of the connector. The Details tab displays the parameters you specified in the 'New FortiSOAR Connector' dialog. You can edit those parameters (except the 'API Name'), and you can specify the following optional parameters:
| Parameter | Description |
|---|---|
| Publisher | Specify the name of your organization as the publisher of this connector. The publisher of the connector is responsible for maintaining and supporting the connector. If you want to keep the connector anonymous, then you can add the "Community" keyword. If this field is left blank, again the connector's publisher is automatically set to "Community". Note: Do not enter "Fortinet" in this field. |
| Doc URL | Specify the URL that contains the documentation for the connector you want to create. This URL will open when you click the Documentation link on the Connector Configuration popup in FortiSOAR. |
| Category | Select the category of the connector you want to create. For example, Threat Intelligence connectors, Ticketing connectors, etc. |
| Connector Logo | Click ... to open the Select Image File button to browse to the location where you have saved the connector logo that you want to associate with the connector. The Connector icon is displayed on the Content Hub pages and the Sample Playbooks page for that connector. Note: The size of the connector logo is 40 X 40 pixels |
| Attributes | Specify the attributes associated with the connector. Currently, you can select only the Certified attribute, if the connector is to be approved by FortiSOAR. |
Once you update the parameter values on the Details tab, click Save to save these changes and update the info.json file. For example, if you have selected the Certified option, you will see that the value of the "cs_approved" parameter in the info.json file is updated to "true". Similarly, the "category" parameter is updated to "Threat Intelligence":
On the Details tab, you can also perform the following actions:
playbooks.json file in the 'playbooks' folder in your project directory..html and .md formats in the 'docs' folder in your project directory.test_<operation_name>.py. For existing connectors, you must manually create this file, if you want to run unit tests for your newly-added operations.requirements.txt file in your project..tgz format, in the same project directory. You can use this .tgz file to import the connector into a FortiSOAR instance.Use the Configuration tab to add configuration parameters for your connector. The parameters you define on this tab get displayed on the Connector Configuration popup when you click the connector card in 'Content Hub'.
To add a new configuration parameter, click the Add Config Fields tab:
Click Add Argument to display a form in which you can add the details for the configuration parameters:
| Parameter | Description |
|---|---|
| Display Name | Specify the name of the configuration parameter you want to add to your connector. This name is displayed on the Connector Configuration popup. For example, Server URL. |
| API Name | The name that is used as a variable in the connector code to reference this parameter. Note: The API Name field is auto-filled once you specify the 'Display Name'. |
| Type | Select the type of field that you want to create for the configuration parameter. For example, Text, Integer, etc. For our example, the Server URL parameter is a Text type field. |
| Value | (Optional) Specify the default value for the parameter. |
| Placeholder | (Optional) Specify the placeholder text for the parameter. |
| Tooltip | (Optional) Specify the tooltip for the parameter. |
| Description | Specify the description for the configuration parameter you are adding to the connector. The information added in this field is used for generating the connector document. |
| Attributes | Specify the attributes associated with the configuration parameter you are adding to the connector. You can select the following attributes:
|
Once you have added all the required parameters for the configuration field, click Save to save the configuration parameter in the "configurations":{ section of the info.json file. You can similarly add more configuration parameters such as Server Port, etc.
Next, click the Configure tab, from the Select Configuration drop-down list select the configuration with which you want to associate the created configuration parameters. To add a new configuration, click Add New, and in the Config Name field enter the name of the configuration, for example, Default Config. You can also edit or add the default values of the configuration parameters that you had specified while adding the configuration parameters, for example in the server_url field, you can update "www.demo.com" to "www.example.com" and in the server_port field, you can enter "443", and then click Save:
You can add multiple configurations for a connector and can click the View All button to view all the defined configurations.
You can also perform the following actions on the Configure tab:
check_health function and displays its output enabling you to determine if the configuration parameters are correctly defined:Use the Operations tab, to add actions that can be performed by your connector, and in the Add New Operation form, specify the following parameters for the new operation:
| Parameter | Description |
|---|---|
| Display Name | Specify the name of the operation you want to add to your connector. This name is displayed on the Actions & Playbooks tab of the Connector Configuration popup. For example, Get IP Reputation. |
| API Name | Specify the name that would be used as a variable in the connector code to reference this parameter. Note: The API Name field is auto-filled once you specify the 'Display Name'. |
| Endpoint | (Optional) Specify the endpoint on which you want to run this operation. |
| Method | Select the method to be used to run this operation. You can choose from options such as GET, POST, DELETE, CONNECT, etc. |
| Description | Specify the description for the operation that you are adding to the connector. The information added in this field is used for generating the connector document. |
| Generate Default Operation Code | Select this option to generate the default code for the operation. Note: This option overwrites the contents of the operations.py file that is present in your project directory. |
Once you have entered all the required parameters for the operation, click Create. This creates a new .py file with the operation name, for example, get_ip_reputation.py, and also adds the operation details in the "operations":{ section of the info.json file:
To add arguments to the operation, click the Arguments tab. On the 'Arguments' tab, click Add Argument and then in the displayed form add the parameters for the argument:
| Parameter | Description |
|---|---|
| Display Name | Specify the name of the input parameter you want to add to the operation. For example, IP Address |
| API Name | The name that is used as a variable in the connector code to reference this parameter. Note: The API Name field is auto-filled once you specify the 'Display Name'. |
| Type | Select the type of field that you want to create for the input parameter you want to add to the operation. For example, Text, Integer, etc. For our example, the IP Address parameter is a Text type field. |
| Value | (Optional) Specify the default value for the input parameter. |
| Placeholder | (Optional) Specify the placeholder text for the input parameter. |
| Tooltip | (Optional) Specify the tooltip for the input parameter. |
| Description | Specify the description for the input parameter you are adding to the operation. The information added in this field is used for generating the connector document. |
| Attributes | Specify the attributes associated with the input parameter you are adding to the operation. You can select the following attributes
|
To add another input parameter, click Add Argument and follow the same procedure. Once you have added all the required parameters for the input parameter field for the operation, click Save to save the input parameters. This adds the parameters and their details within the "operation":{ section of the info.json file: in the "parameters":{ section. For example, the "IP address" parameter in the "Get IP Reputation" operation: :
To test run the added operation with some sample input parameters, click the Execute Tab, and from the Select Config drop-down list select the configuration to be used to execute the operation. This runs the operation and displays its output enabling you to determine if the input parameters are correctly defined. For example, select Default Config from the Select Configuration drop-down list and enter an example IP address such as 1.1.1.1 in the ip_address field, and click Run:
Click Reset to reload the fields as per their last saved value.
You can add new operations in a similar manner, by clicking the All tab and then clicking Add New Operation, and then further adding the details and arguments to that operation:
You can also perform the following actions on the All tab:
To import an existing FortiSOAR-compatible connector and then make updates or changes to this connector, click FortiSOAR RDK from the 'Tool Bar Menu' and select the Import FortiSOAR Connector option. In the Open dialog, navigate to the location on your system where the .tgz file of the connector is saved, and then click Open. This imports the connector in the current project directory, where you can update the connector as per your requirements using the processes described in Creating a new FortiSOAR Connector topic.
You must note the following if you are importing and editing a connector developed outside FortiSOAR RDK, i.e., exporting an existing connector from FSR such as 'VirusTotal' and then importing it to FortiSOAR RDK:
operations.py file. Therefore, in this case, the info.json file gets populated with the information of the new operation; however, you require to manually add the functions and mappings of the existing (previous) operations to the operations.py file.info.json file; however, the operation.py file has to be manually updated.fortisoar-rdk-pycharm-1.0.0-19.zip