FortiManager
Integration version: 7.0
Configure FortiManager integration in Google Security Operations SOAR
For detailed instructions on how to configure an integration in Google Security Operations SOAR, see Configure integrations.
Integration parameters
Use the following parameters to configure the integration:
| Parameters | Type | Default Value | Is Mandatory | Description |
|---|---|---|---|---|
| API Root | String | https://x.x.x.x:port | Yes | API root of the FortiManager instance. |
| Username | String | N/A | Yes | Username of the FortiManager account. |
| Password | Password | N/A | Yes | Password of the FortiManager account. |
| Verify SSL | Checkbox | Unchecked | No | If enabled, the integration verifies that the SSL certificate for the connection to the FortiManager is valid. |
| Workflow Mode | Checkbox | Unchecked | No | If enabled, the integration uses workflow sessions to execute API requests. This parameter is mandatory if FortiManager is configured in the workflow mode. |
Actions
Add IP to Group
Description
Create a firewall address object and add it to a suitable address group.
Parameters
| Parameters | Type | Default Value | Description |
|---|---|---|---|
| ADOM Name | String | N/A | The name of the ADOM. Default: root. |
| Address Group Name | String | N/A | The name of the address group to add to address object to. |
Use cases
N/A
Run On
This action runs on the IP Address entity.
Action Results
Entity Enrichment
N/A
Insights
N/A
Script Result
| Script Result Name | Value Options | Example |
|---|---|---|
| is_success | True/False | is_success:False |
JSON Result
N/A
Add URL to URL Filter
Description
Add a new block record to a URL filter by its name.
Parameters
| Parameter | Type | Default Value | Description |
|---|---|---|---|
| ADOM Name | String | N/A | The name of the ADOM. Default: root. |
| URL Filter Name | String | N/A | The name of the URL filter to add record to. |
Use cases
N/A
Run On
This action runs on the URL entity.
Action Results
Entity Enrichment
N/A
Insights
N/A
Script Result
| Script Result Name | Value Options | Example |
|---|---|---|
| is_success | True/False | is_success:False |
JSON Result
N/A
Execute Script
Description
Execute an existing script. It can be executed on a device group, and on a single device if the VDOM is provided.
Parameters
| Parameter | Type | Default Value | Description |
|---|---|---|---|
| ADOM Name | String | N/A | The name of the ADOM. Default: root. |
| Policy Package Name | String | N/A | The full name of the package, including package name and any parent folders. |
| Script Name | String | N/A | The name of the script to execute. |
| Device Name | String | N/A | The name of the device to execute the script on. |
| VDOM | String | N/A | The virtual domain of the device. |
Use cases
N/A
Run On
This action runs on all entities.
Action Results
Entity Enrichment
N/A
Insights
N/A
Script Result
| Script Result Name | Value Options | Example |
|---|---|---|
| task_id | N/A | N/A |
JSON Result
N/A
Get Task Information
Description
Get task information by the ID.
Parameters
| Parameter | Type | Default Value | Description |
|---|---|---|---|
| Task ID | String | N/A | The ID of the task to get information about. |
Use cases
N/A
Run On
This action runs on all entities.
Action Results
Entity Enrichment
N/A
Insights
N/A
Script Result
| Script Result Name | Value Options | Example |
|---|---|---|
| is_success | True/False | is_success:False |
JSON Result
N/A
Ping
Description
Test integration connectivity.
Parameters
N/A
Use cases
N/A
Run On
This action runs on all entities.
Action Results
Entity Enrichment
N/A
Insights
N/A
Script Result
| Script Result Name | Value Options | Example |
|---|---|---|
| is_success | True/False | is_success:False |
JSON Result
N/A
Remove IP From Group
Description
Remove a firewall address object from a suitable address group and delete the firewall address object.
Parameters
| Parameter | Type | Default Value | Description |
|---|---|---|---|
| ADOM Name | String | N/A | The name of the ADOM. Default: root. |
| Address Group Name | String | N/A | The name of the address group to remove the address from. |
Use cases
N/A
Run On
This action runs on the IP Address entity.
Action Results
Entity Enrichment
N/A
Insights
N/A
Script Result
| Script Result Name | Value Options | Example |
|---|---|---|
| is_success | True/False | is_success:False |
JSON Result
N/A
Remove URL From URL Filter
Description
Remove a block record from a URL filter by its name.
Parameters
| Parameter | Type | Default Value | Description |
|---|---|---|---|
| ADOM Name | String | N/A | The name of the ADOM. Default: root. |
| URL Filter Name | String | N/A | The name of the URL filter to remove the record from. |
Use cases
N/A
Run On
This action runs on the URL entity.
Action Results
Entity Enrichment
N/A
Insights
N/A
Script Result
| Script Result Name | Value Options | Example |
|---|---|---|
| is_success | True/False | is_success:False |
JSON Result
N/A