Search another article?
PB Samples Package
The package provides a set of sample playbooks to test and practice with PB module and the various nodes available.
API Request
Playbook Test API Request: This playbook shows how to use Generic API Request node. The first node makes a request to an API. The second reads a value from the response of the previous, to compose the URL to call.
SGBOX List
Playbook Test List JSON: This Playbook calls a test API to get a JSON response and extracts a list of usernames from that. Connect the playbook to a feed in SCM -> Actions -> Lists -> Feed to be used in LCE rules and Event Queries.
Playbook Test List CSV: This Playbook calls a test API to get a CSV response and extracts a list of usernames from that. Connect the playbook to a feed in SCM -> Actions -> Lists -> Feed to be used in LCE rules and Event Queries.
Logs
Playbook Test Log JSON: This playbook calls a test API to get some logs in JSON format. Then extracts the log lines from the JSON and stores them into SGBox, available for consultation in Historical Search. The timestamp is in a field of the JSON log line. The host is not present, so logs are associated with the host specified in the configuration form.
Playbook Test Log CSV: This playbook calls a test API to get some csv logs. Then, extract the logs line from the response and stores them into SGBox, available for consultation in Historical Search. The log line is not the entire CSV line, but only a part of it. The timestamp is at the beginning of the line and it’s extracted by the node. The host is a field of the CSV line too.
Trigger, Generate Log, Generate Event
Playbook Trigger + generate log and event: This playbook shows the use of a trigger and two actions: generate log and generate event.
- Open the playbook
- Edit the trigger node
- Copy the Production URL
- Paste the url in a browser
Add “&number=7” to the url.
The PB will generate a log and an event with the parameter Number = 7. Logs and events can be viewed in the Historical Search and in Class\/Pattern Analysis.
Run PB from LCE Rule
LCE Rule Test LCE rule for PB: once you trigger the previous playbook, generating the event, this rule will be triggered by the event. The rule has a Run Playbook action that calls the playbook [FROM LCE rule] Trigger + IF + Mail.
Playbook [FROM LCE rule] Trigger + IF + Mail:This playbook shows the use of nodes:
- trigger
- if
and how to trigger a playbook from a LCE rule. The trigger start node is the one called by the rule Test LCE Rule for PB. It takes parameters via POST from the rule. The IF node tests the Number parameter, then the mail node sends a different mail according to its value.
Run PB from Event Query
Query Test Query for PB: as for the LCE rule, once you trigger the previuos playbook, genereting the event, this query will find the event and pass it to the [FROM QUERY] Trigger + IF + Mail. playbook.
Playbook [FROM QUERY] Trigger + IF + Mail: This playbook shows the use of nodes:
- trigger
- iterate on data
- if
.Also, it shows how to trigger a playbook from an Event Query.
The trigger start node is the one called by the query Test Query for PB. It takes parameters via POST from the query. The IF node tests the Number parameter, then mail node sends a different email according to its value.
The iterate node causes the flow to be repeated for each line resulting from the query
Test Run PB Action
To test the Run PB action, both from LCE Rule and Event Queries, follow these steps:
- Activate Test LCE rule for PB rule
- Activate Test Query for PB query
- Open Trigger + generate log and event playbook
- Open its trigger node and copy the production url
- Paste the url in a browser
- Add “&number=7” to the url
You will receive two emails in a few minutes. The email address is the one set by default in Advanced Options mail section.