Agreed. The script returns the name and not the ID. The API data returned for an incident can return the ID which was what I was confused by.
------------------------------
Mark Scherfling
------------------------------
Original Message:
Sent: Thu December 28, 2023 08:10 PM
From: Yohji Amano
Subject: Acquisition of org-id and soar-hostname in playbook script
Hi Mark,
Thank you for the reply. I understand the restrictions.
It seemed that `incident.org_handle` field may return organization name rather than organization id, doesn't it?
------------------------------
Yohji Amano
Original Message:
Sent: Thu December 28, 2023 08:23 AM
From: Mark Scherfling
Subject: Acquisition of org-id and soar-hostname in playbook script
Hi Yohji,
Unfortunately, there's no way to get the SOAR hostname from within a script. However, the organization-id can be accessed via the `incident.org_handle` field.
Hope this helps.
Mark
------------------------------
Mark Scherfling
Original Message:
Sent: Tue December 26, 2023 12:40 AM
From: Yohji Amano
Subject: Acquisition of org-id and soar-hostname in playbook script
Hello community members.
I would like to know how to get the values of organization-id and SOAR hostname automatically in the playbook script environments.
If it's possible, we can write more portable playbook when we call SOAR REST API in the application such as "
REST API Functions for IBM QRadar SOAR".
Is it possible?
------------------------------
Yohji Amano
------------------------------