Overview
FortiSOAR™ provides you with a number of pre-installed connectors or built-ins, such as the Code Snippet or Database connectors that you can use within FortiSOAR™ playbooks, as a connector step, and perform automated operations. These connectors are bundled and named based on the type of operations the connectors can perform. For example, the Database connector would contain actions that you can perform with respect to the database like querying the database. It is easy to extend and enhance these connectors.
Apart from the FortiSOAR™ Built-in connectors, Fortinet also provides a number of connectors for popular integrations like SIEMs, such as FortiSIEM, Splunk, etc., and Ticketing systems such as Jira. You can see a list of published connectors on the FortiSOAR Connectors Documentation site.
The process of installing, configuring, and using connectors is defined in the Introduction to connectors chapter in the "Connectors Guide", which is part of the FortiSOAR™ documentation or see the Installing a connector and Configuring a connector articles.
FortiSOAR™ Built-in connectors are upgraded by default with a FortiSOAR™ upgrade. Use the Content Hub to upgrade your connectors to the latest version, in case you want to only upgrade the connectors and not FortiSOAR™. For more information on the connector store, see the Introduction to connectors chapter and see the FortiSOAR Built-in connectors article.
Important: Before you upgrade your FortiSOAR™ version, it is highly recommended that you take a backup of your FortiSOAR™ Built-in connector's (SSH, IMAP, Database, etc.) configuration since the configuration of your FortiSOAR™ Built-in connectors might be reset if there are changes to the configuration parameters across versions.
Code Snippet
Use the Code Snippet connector to run a python function as part of playbooks. You can add the "Code Snippet" connector in a playbook as a connector step and execute a python code as part of a playbook.
Version information
Connector Version: 2.0.1
Authored By: Fortinet.
Certified: Yes
Release Notes for version 2.0.1
Following enhancements have been made to the Code Snippet connector in version 2.0.1:
- Added the 'Documentation' link on the Connector configuration popup, which opens the documentation for this version of the connector.
NOTE: For more information on previous releases of the Code Snippet connector, see the Code Snippet Connector v2.0.0 document.
Configuration parameters
In FortiSOAR™, on the Content Hub (or Connector Store) page, click the Manage tab, and then click the Code Snippet connector card. On the connector popup, click the Configurations tab to enter the required configuration details.
| Parameter |
Description |
| Allow Universal Imports |
Select this option to allow all python modules, except os, sys, and subprocess, to be used in code snippets. Since, users can use the Code Snippet connector, to perform any operation on your FortiSOAR system by writing a python function, including functions to manipulate files on the system and run system operations that could enable you to get user login information; it is highly recommended to leave the Allow Universal Imports checkbox unchecked (default). Leaving this option unchecked ensures that users can import only a restricted list of python modules, which are specified by the administrators. To use any python module, users are required to include the import statement. For more information, see the Alternative ways of restricting python modules topic. |
| Modules to Import |
Administrators can use this field to specify the list of modules that they want to import. Users can then use these modules, without having to include the import statement in the python code. Note that, in this case, users will not be allowed to import modules that are not part of the list of specified modules. |
Alternative ways of restricting python modules
If administrators do not want to restrict the python modules that users can use, i.e., select the Allow Universal Imports checkbox (not recommended), then in such a case administrators assign ownership of connector configuration by setting a particular configuration to 'Private', allowing administrators to control who can view and execute the particular connector configuration. Setting a connector configuration to 'Private' allows only the assigned team owners to view and execute the connector configuration as shown in the following image:
Similarly, administrators can also restrict the roles that are allowed to execute the python code, by clicking the Action tab, and then in the Execute Python Code (and Execute Python Code (Deprecated) row, click the Assign Role(s) to Action icon to display the Assign Role(s) to Action dialog, where you can select the roles that would be able to perform the action. For example, in the following image only the 'Security Administrator' role can run the Execute Python Code action:
Actions supported by the connector
The following automated operations can be included in playbooks:
| Function |
Description |
| Execute Python Code |
Executes the specified Python code as part of your playbooks. |
operation: Execute Python Code
Input parameters
| Parameter |
Description |
| Python Function |
Enter the python function that you want to run as part of the playbook. |
