FortiSOAR™ provides you with a number of pre-installed connectors or built-ins, such as the Database connector that you can use within FortiSOAR™ playbooks, as a connector step, and perform automated operations. These connectors are bundled and named based on the type of operations the connectors can perform. For example, the Database connector would contain actions that you can perform with respect to the database like querying the database. It is easy to extend and enhance these connectors.
Apart from the FortiSOAR™ Built-in connectors, Fortinet also provides a number of connectors for popular integrations like SIEMs, such as FortiSIEM, Splunk, etc., and Ticketing systems such as Jira. You can see a list of published connectors on the FortiSOAR Connectors Documentation site.
The process of installing, configuring, and using connectors is defined in the Introduction to connectors chapter in the "Connectors Guide", which is part of the FortiSOAR™ documentation or see the Installing a connector and Configuring a connector articles.
FortiSOAR™ Built-in connectors are upgraded by default with a FortiSOAR™ upgrade. Use the Content Hub to upgrade your connectors to the latest version, in case you want to only upgrade the connectors and not FortiSOAR™. For more information on the connector store, see the Introduction to connectors chapter and see the FortiSOAR Built-in connectors article.
Important: Before you upgrade your FortiSOAR™ version, it is highly recommended that you take a backup of your FortiSOAR™ Built-in connector's (SSH, IMAP, Database, etc.) configuration since the configuration of your FortiSOAR™ Built-in connectors might be reset if there are changes to the configuration parameters across versions.
The FortiSOAR ML Engine connector leverages Machine Learning (ML) and acts as your recommendation engine by analyzing and filtering your existing record data using different algorithms to recommend similar records and predict and assign field values in records. It is based on finding similarities of patterns in historical data.
IMPORTANT: Version 1.2.1 and later of the ML Engine connector are supported on FortiSOAR release 7.3.0 or later. Therefore, it is recommended not to install or upgrade the ML Engine connector v1.2.1 and later on FortiSOAR releases earlier than 7.3.0, such as FortiSOAR release 7.2.2, 7.2.1, etc.
Connector Version: 1.2.3
Authored By: Fortinet
Certified: Yes
NOTE: Version 1.2.1 and later of the ML Engine connector is compatible with FortiSOAR release 7.3.0 or later.
The following enhancements have been made to the FortiSOAR ML Engine connector in version 1.2.3:
NOTE: For more information on previous releases of the FortiSOAR ML Engine connector, see the FortiSOAR ML Engine Connector document.
You must be an 'Administrator' with 'Security' rights on FortiSOAR to configure the ML Engine connector. If you have appropriate rights, navigate to the Recommendation Engine section on the System Configuration page and configure the ML Engine connector as the recommendation engine. For more information on the 'Recommendation Engine' and how to configure the FortiSOAR ML Engine connector, see the "Recommendation Engine > Record Similarity and Field Predictions" topic in the Application Editor chapter in the "Administration Guide", which is part of the FortiSOAR™ product documentation.
The following automated operations can be included in playbooks:
| Function | Description |
|---|---|
| Train | Trains the dataset using the parameters you have specified while configuring the connector. |
| Predict | Predicts the field value for specified fields in the records you have specified. |
| Fetch Similar Record(s) | Fetches and displays records that are similar to the records you have specified. |
None.
| Parameter | Description |
|---|---|
| Record(s) | Specify a list of record IRI(s) for which you want predict the specified field values. |
| Parameter | Description |
|---|---|
| Record(s) | Specify a list of record IRI(s) based on which you want to fetch similar records. |
If you have upgraded your FortiSOAR instance from release 7.3.0 to 7.4.0, then the ML Engine connector configured using ML-based recommendations displays an error such as "Trained dataset not available for the selected configuration".
Resolution
You must retrain your ML Engine connector's dataset after upgrading your FortiSOAR instance from release 7.3.0 to 7.4.0.
Version 1.2.1 and later of the ML Engine connector are supported on FortiSOAR release 7.3.0 or later. Therefore, it is recommended not to install or upgrade the ML Engine connector v1.2.1 and later on FortiSOAR releases earlier than 7.3.0, such as FortiSOAR release 7.2.2, 7.2.1, etc. However, if you have upgraded the ML Engine connector to 1.2.1 and later on a FortiSOAR release prior to 7.3.0, for example, release 7.2.1, then the ML engine connector uses stale data. To resolve this issue, do the following:
Resolution
uwsgi service using the following command:# systemctl restart uwsgiFortiSOAR™ provides you with a number of pre-installed connectors or built-ins, such as the Database connector that you can use within FortiSOAR™ playbooks, as a connector step, and perform automated operations. These connectors are bundled and named based on the type of operations the connectors can perform. For example, the Database connector would contain actions that you can perform with respect to the database like querying the database. It is easy to extend and enhance these connectors.
Apart from the FortiSOAR™ Built-in connectors, Fortinet also provides a number of connectors for popular integrations like SIEMs, such as FortiSIEM, Splunk, etc., and Ticketing systems such as Jira. You can see a list of published connectors on the FortiSOAR Connectors Documentation site.
The process of installing, configuring, and using connectors is defined in the Introduction to connectors chapter in the "Connectors Guide", which is part of the FortiSOAR™ documentation or see the Installing a connector and Configuring a connector articles.
FortiSOAR™ Built-in connectors are upgraded by default with a FortiSOAR™ upgrade. Use the Content Hub to upgrade your connectors to the latest version, in case you want to only upgrade the connectors and not FortiSOAR™. For more information on the connector store, see the Introduction to connectors chapter and see the FortiSOAR Built-in connectors article.
Important: Before you upgrade your FortiSOAR™ version, it is highly recommended that you take a backup of your FortiSOAR™ Built-in connector's (SSH, IMAP, Database, etc.) configuration since the configuration of your FortiSOAR™ Built-in connectors might be reset if there are changes to the configuration parameters across versions.
The FortiSOAR ML Engine connector leverages Machine Learning (ML) and acts as your recommendation engine by analyzing and filtering your existing record data using different algorithms to recommend similar records and predict and assign field values in records. It is based on finding similarities of patterns in historical data.
IMPORTANT: Version 1.2.1 and later of the ML Engine connector are supported on FortiSOAR release 7.3.0 or later. Therefore, it is recommended not to install or upgrade the ML Engine connector v1.2.1 and later on FortiSOAR releases earlier than 7.3.0, such as FortiSOAR release 7.2.2, 7.2.1, etc.
Connector Version: 1.2.3
Authored By: Fortinet
Certified: Yes
NOTE: Version 1.2.1 and later of the ML Engine connector is compatible with FortiSOAR release 7.3.0 or later.
The following enhancements have been made to the FortiSOAR ML Engine connector in version 1.2.3:
NOTE: For more information on previous releases of the FortiSOAR ML Engine connector, see the FortiSOAR ML Engine Connector document.
You must be an 'Administrator' with 'Security' rights on FortiSOAR to configure the ML Engine connector. If you have appropriate rights, navigate to the Recommendation Engine section on the System Configuration page and configure the ML Engine connector as the recommendation engine. For more information on the 'Recommendation Engine' and how to configure the FortiSOAR ML Engine connector, see the "Recommendation Engine > Record Similarity and Field Predictions" topic in the Application Editor chapter in the "Administration Guide", which is part of the FortiSOAR™ product documentation.
The following automated operations can be included in playbooks:
| Function | Description |
|---|---|
| Train | Trains the dataset using the parameters you have specified while configuring the connector. |
| Predict | Predicts the field value for specified fields in the records you have specified. |
| Fetch Similar Record(s) | Fetches and displays records that are similar to the records you have specified. |
None.
| Parameter | Description |
|---|---|
| Record(s) | Specify a list of record IRI(s) for which you want predict the specified field values. |
| Parameter | Description |
|---|---|
| Record(s) | Specify a list of record IRI(s) based on which you want to fetch similar records. |
If you have upgraded your FortiSOAR instance from release 7.3.0 to 7.4.0, then the ML Engine connector configured using ML-based recommendations displays an error such as "Trained dataset not available for the selected configuration".
Resolution
You must retrain your ML Engine connector's dataset after upgrading your FortiSOAR instance from release 7.3.0 to 7.4.0.
Version 1.2.1 and later of the ML Engine connector are supported on FortiSOAR release 7.3.0 or later. Therefore, it is recommended not to install or upgrade the ML Engine connector v1.2.1 and later on FortiSOAR releases earlier than 7.3.0, such as FortiSOAR release 7.2.2, 7.2.1, etc. However, if you have upgraded the ML Engine connector to 1.2.1 and later on a FortiSOAR release prior to 7.3.0, for example, release 7.2.1, then the ML engine connector uses stale data. To resolve this issue, do the following:
Resolution
uwsgi service using the following command:# systemctl restart uwsgi