IntegrationForAWX

xSoar playbook, automation and integration to integrate AWX

Comment 1

Inspiration

Many teams may have existing Ansible playbooks they would like to use during an xSoar investigation. The integration with AWX allows many of the preexisting workflows to be fired off to remediate various incidents.

What it does

This project can be use to call ansible playbooks that are in AWX through a xSoar playbook.

How I built it

An Integration Pack was created to package the integration script and vagrant was used to stand up the testing environment.

Challenges I ran into

Before this project I've never used xSoar. This project forced me to learn a new platform to contribute to the hackathon!

What I learned

xSoar is incredibly scaleable and extensible platform. You can integration this platform with almost anything out there. The possibilities are endless!

What's next for IntegrationForAWX

Look into using the Ansible Facts stored to help classify and enhance the various fields in an xSoar incident.

Built With

  • ansible
  • awx
  • python
  • vagrant
  • virtualbox
Share this project:

Updates