Triggering a Playbook from a Pattern analysis Dashboard

Create a playbook with a trigger node as start node

Edit the trigger to set, in the Test parameters section, the same name of the parameter of the event you want to use in the dashboard to trigger the playbook.

In the following nodes of the flow, use that parameter. In this example, we add a DNS Lookup node that uses the DestinationIP parameter coming from the trigger.

Save the playbook and go to SCM -> Dashboard -> Dashboard. In any Pattern analysis dashboard showing events with the DestinationIP parameter, you can right-click on the value and select Send this value to a playbook

Choose the previously saved playbook to get the DNS Lookup output.

Download the PB samples package for examples.