Adding Items to the Queue within the FSO Queue Plugin

In this installment of the Tips and Insights series, Richard Ignacio demonstrates how to add items to the queue within the FireEye Security Orchestrator (FSO) queue plugin.

Hi my name is Richard Ignacio and I’m the Senior Manager of the Orchestration Architecture team with FireEye. In the video tip, I described the ‘Queue plug in’ and it’s command. In this video I will demonstrate how to add items to the queue. To add an item to the queue, we’re going to create a playbook.

As you see I already have a playbook created here called add item to queue. So let’s take a look at it.

The start event for this playbook is a self listener. That’s not important. We’re just going to use that to kick off this playbook. The next step in this playbook is to add to the queue. So, as you can see here, we’re using the ‘add to queue’ command of the queue plugin command.

The next is to use the ‘add to queue’ command in the queue plugin. So, as you can see here we’ve already add the command and we’ve added data to it. The data that we’ve added is going to be a JSON object that looks like this. To make it easier to see what we’ve put in there I can pull up the JSON here. This is the example JSON we’re going to use to put into the queue.

The queue name is blank because we’re going to use the queue name that we configured into the queue device. The next step in this playbook is just to update the case with a case name.

So, let’s go ahead and run this playbook and see what that looks like.

As you can see a new case has been added. Let’s take a look at it.

if we open up the detailed view and look at the results of the add to queue command you’ll see the output as a record I.D . The input is the data that we provided manually before.

The record I.D. is the output that specifies the item in that queue. If you need to look at that item again later on you can use this record I.D. to reference it to pull back that information.

This concludes the demonstration for adding items to a queue. I hope this demonstration helped you understand how to use the queue plugin to add items to stay tuned for more FireEye Tips and Insights.stay tuned for more FireEye Tips and Insights.

