Running a Connector

FortiSOAR Connectors are used to take a specific action on a third-party device.

Running a Connector on an Event

To run a Connector on an event, take the following steps.

  1. From the ANALYTICS page, select an event.

  2. Click Run Connector.

  3. From the Run Connector window, take the following steps.

    1. From the Folders column, select the Connector you want to run. When a Connector is selected, a list of available actions for that Connector will auto-populate under the Items column.

    2. From the Items column, select the desired Connector action and click > to add it to the Selections column. A Select Connector Parameters section may appear that is specific to the FortiSOAR Connector, if additional parameter information is needed. The parameters that appear will vary per Connector and specification type.

      Note: If you wish to remove a Connector action from the Selections column, select the Connector action you wish to remove and click <.

    3. If the Select Connector Parameters section appears based on the Connector action selected, populate the Connector parameters required to run the Connector action. Refer to FortiSOAR documentation for a given Connector for information regarding requirements.

      Note: The first parameter on nearly all Connectors is the Connector Config, which is essentially a descriptive name for a credential set for a given application, service, or device on FortiSOAR for that Connector type.

      An example is the Fortinet Fortigate Connector. Each Connector configuration is an binding of credential (API key) to a particular firewall. When you select this Connector configuration, the action will be executed on that firewall.

    4. When done, click Execute. FortiSIEM will call the given Connector using the parameters specified. The Connector Result window appears. This window provides a summary of result. Clicking Details will display additional information. Click on View Output to view any information related on a specific Connector topic (Summary, Details, a specific attribute if applicable).

    5. When done, click Close.