This connector allows you to run REST API operations on other FortiSOAR environments
This document provides information about the Remote FortiSOAR Connector, which facilitates automated interactions, with a Remote FortiSOAR server using FortiSOAR™ playbooks. Add the Remote FortiSOAR Connector as a step in FortiSOAR™ playbooks and perform automated operations with Remote FortiSOAR.
Connector Version: 2.0.0
FortiSOAR™ Version Tested on: 7.5.0-4015
Authored By: Fortinet
Certified: Yes
Following enhancements have been made to the Remote FortiSOAR Connector in version 2.0.0:
Use the Content Hub to install the connector. For the detailed procedure to install a connector, click here.
You can also use the following yum command as a root user to install connectors from an SSH session:
yum install cyops-connector-remote-fortisoar
For the procedure to configure a connector, click here
In FortiSOAR™, on the Connectors page, click the Remote FortiSOAR connector row (if you are in the Grid view on the Connectors page) and in the Configurations tab enter the required configuration details:
| Parameter | Description |
|---|---|
| FortiSOAR Endpoint URL | The URL of the FortiSOAR endpoint to which you will connect and perform the automated operations. |
| Authentication Type | Authentication to be used to connect and communicate with the FortiSOAR server. You can choose from the following options:
|
| Verify SSL | Specifies whether the SSL certificate for the server is to be verified. By default, this option is selected, i.e., set to true. |
The following automated operations can be included in playbooks and you can also use the annotations to access operations from FortiSOAR™:
| Function | Description | Annotation and Category |
|---|---|---|
| Make an API call | Makes an API call to the endpoint based on the method and the query parameters you have specified. | make_api_call Investigation |
| Upload file to FortiSOAR | Makes a file upload request based on the provided attachment or a file IRI. | upload_file Utilities |
| Parameter | Description |
|---|---|
| Endpoint IRI | FortiSOAR supported RESTful APIs endpoints |
| HTTP method | Select the HTTP method to make the API call to the remote FortiSOAR server. You can choose from the following options:
|
| Query params | (Optional) Specify the API query parameters, related to the HTTP method selected, as key-value pairs that appear after the question mark in the URL. Basically, they are extensions of the URL that are utilized to help determine specific content or action based on the data being delivered. |
| Headers | (Optional) Specify the HTTP headers, related to the HTTP method selected, as part of the API request and response. |
| Body (Only applicable to GET and PUT HTTP methods) | (Optional) Specify the request body, related to the HTTP method selected, to send and receive data via the REST API. |
The output schema depends on the API endpoint you choose.
| Parameter | Description |
|---|---|
| Attachment/File IRI | Specify the Attachment or File IRI of the file to upload. |
| Create Remote FortiSOAR Attachment | (Optional) Select this option, i.e., set it to true, to create attachment of the file in remote FortiSOAR. Clear this option, i.e., set it to false (default), to create only the file. |
The output contains the following populated JSON schema:
{
"@id": "",
"filename": "",
"mimeType": ""
}
The Sample - Remote FortiSOAR - 2.0.0 playbook collection comes bundled with the Remote FortiSOAR connector. These playbooks contain steps using which you can perform all supported actions. You can see bundled playbooks in the Automation > Playbooks section in FortiSOARTM after importing the Remote FortiSOAR connector.
Note: If you are planning to use any of the sample playbooks in your environment, ensure that you clone those playbooks and move them to a different collection, since the sample playbook collection gets deleted during connector upgrade and delete.
This connector allows you to run REST API operations on other FortiSOAR environments
This document provides information about the Remote FortiSOAR Connector, which facilitates automated interactions, with a Remote FortiSOAR server using FortiSOAR™ playbooks. Add the Remote FortiSOAR Connector as a step in FortiSOAR™ playbooks and perform automated operations with Remote FortiSOAR.
Connector Version: 2.0.0
FortiSOAR™ Version Tested on: 7.5.0-4015
Authored By: Fortinet
Certified: Yes
Following enhancements have been made to the Remote FortiSOAR Connector in version 2.0.0:
Use the Content Hub to install the connector. For the detailed procedure to install a connector, click here.
You can also use the following yum command as a root user to install connectors from an SSH session:
yum install cyops-connector-remote-fortisoar
For the procedure to configure a connector, click here
In FortiSOAR™, on the Connectors page, click the Remote FortiSOAR connector row (if you are in the Grid view on the Connectors page) and in the Configurations tab enter the required configuration details:
| Parameter | Description |
|---|---|
| FortiSOAR Endpoint URL | The URL of the FortiSOAR endpoint to which you will connect and perform the automated operations. |
| Authentication Type | Authentication to be used to connect and communicate with the FortiSOAR server. You can choose from the following options:
|
| Verify SSL | Specifies whether the SSL certificate for the server is to be verified. By default, this option is selected, i.e., set to true. |
The following automated operations can be included in playbooks and you can also use the annotations to access operations from FortiSOAR™:
| Function | Description | Annotation and Category |
|---|---|---|
| Make an API call | Makes an API call to the endpoint based on the method and the query parameters you have specified. | make_api_call Investigation |
| Upload file to FortiSOAR | Makes a file upload request based on the provided attachment or a file IRI. | upload_file Utilities |
| Parameter | Description |
|---|---|
| Endpoint IRI | FortiSOAR supported RESTful APIs endpoints |
| HTTP method | Select the HTTP method to make the API call to the remote FortiSOAR server. You can choose from the following options:
|
| Query params | (Optional) Specify the API query parameters, related to the HTTP method selected, as key-value pairs that appear after the question mark in the URL. Basically, they are extensions of the URL that are utilized to help determine specific content or action based on the data being delivered. |
| Headers | (Optional) Specify the HTTP headers, related to the HTTP method selected, as part of the API request and response. |
| Body (Only applicable to GET and PUT HTTP methods) | (Optional) Specify the request body, related to the HTTP method selected, to send and receive data via the REST API. |
The output schema depends on the API endpoint you choose.
| Parameter | Description |
|---|---|
| Attachment/File IRI | Specify the Attachment or File IRI of the file to upload. |
| Create Remote FortiSOAR Attachment | (Optional) Select this option, i.e., set it to true, to create attachment of the file in remote FortiSOAR. Clear this option, i.e., set it to false (default), to create only the file. |
The output contains the following populated JSON schema:
{
"@id": "",
"filename": "",
"mimeType": ""
}
The Sample - Remote FortiSOAR - 2.0.0 playbook collection comes bundled with the Remote FortiSOAR connector. These playbooks contain steps using which you can perform all supported actions. You can see bundled playbooks in the Automation > Playbooks section in FortiSOARTM after importing the Remote FortiSOAR connector.
Note: If you are planning to use any of the sample playbooks in your environment, ensure that you clone those playbooks and move them to a different collection, since the sample playbook collection gets deleted during connector upgrade and delete.