...
To effectively use Devo SOAR for triage and automation, understanding how to create integrations is essential.
Integration Creation Steps
To create an integration we need to understand how integration works. So, first step while using any integration is creating connection.
Connection
In the context of integration, a Connection represents the most common parameters necessary to run your integration. For instance, in a Splunk integration, it might include the server's URL, username, and password, which are essential for making requests.
The purpose of a Connection is to eliminate the need to input your credentials repeatedly for each action.
Connection Validation
However, in real-world scenarios, the journey doesn't always end here. You might save the connection, proceed to create a playbook over the course of several days, and when it's finally time to use the integration, you find that the connection or credentials don't work. This often leads to frustrating delays as you go back to your team to obtain the correct credentials.
To address this issue, Devo SOAR provides Connection Validation to verify that your credentials are accurate. It involves performing a non-intrusive action without causing any side-effects. For example, in the AWS S3 bucket integration, you can attempt to list directories.
Action
After all the groundwork, the primary purpose of integrations is to execute actions following the triage process. Some examples of actions include:
- AWS S3 Upload File: Use this action to upload triage reports.
- IMAP Read Email: This action allows you to read employees' mailboxes and address issues like phishing emails.
Action Validation
While it's common to input the correct data, there are cases where it might be confusing to determine what the integration expects. This is where Action Validation comes into play. For instance:
...