System Overview
The SOAR Engine automates security response workflows by processing trigger events and executing predefined playbooks. Built on a modern tech stack, it provides reliable, scalable security automation with minimal human intervention.
FastAPI
High-performance API layer for event ingestion and playbook management with automatic OpenAPI documentation.
SQLAlchemy
ORM for database schema management, supporting PostgreSQL, MySQL, and SQLite with advanced query capabilities.
Jinja2
Templating engine for dynamic playbook execution, enabling context-aware automation with event data.
Playbook Analytics
Quantitative breakdown of playbook components showing the structure of automated workflows.
Triggers
Events that initiate playbook execution
Conditions
Logic gates for workflow branching
Action Steps
Individual automated tasks
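How a trigger, a condition and an action step fit together with Jinja2 and event data, as an added example that is not the SOAR Engine's own code. The playbook layout, the event field names and the `firewall.block_ip` action name are assumptions made for illustration. Event fields are attacker-influenced, so the sketch renders in a sandboxed environment and passes them only as template context.

```python
from jinja2 import StrictUndefined
from jinja2.sandbox import SandboxedEnvironment

# Sandboxed so templates cannot reach unsafe attributes; StrictUndefined so a
# missing event field fails the step instead of rendering as an empty string.
ENV = SandboxedEnvironment(undefined=StrictUndefined, autoescape=False)

# Constructed playbook (hypothetical schema, not the engine's real one).
PLAYBOOK = {
    "name": "block-bruteforce-source",
    "trigger": "auth.bruteforce",
    "condition": "event.failed_logins >= 20 and not event.src_ip.startswith('10.')",
    "steps": [
        {
            "action": "firewall.block_ip",  # hypothetical action name
            "params": {
                "ip": "{{ event.src_ip }}",
                "comment": "playbook {{ playbook }}: "
                           "{{ event.failed_logins }} failures for {{ event.user }}",
            },
        },
    ],
}


def run_playbook(playbook, event):
    """Return the rendered action steps, or [] if trigger or condition do not match."""
    if event.get("type") != playbook["trigger"]:
        return []
    # Event data is passed only as context. It is never spliced into template
    # source, so a field that itself contains "{{ ... }}" stays inert text.
    ctx = {"event": event, "playbook": playbook["name"]}
    if not ENV.compile_expression(playbook["condition"])(**ctx):
        return []
    rendered = []
    for step in playbook["steps"]:
        params = {key: ENV.from_string(tmpl).render(**ctx)
                  for key, tmpl in step["params"].items()}
        rendered.append({"action": step["action"], "params": params})
    return rendered


if __name__ == "__main__":
    # Constructed event; the user field carries template syntax on purpose.
    sample = {"type": "auth.bruteforce", "src_ip": "203.0.113.7",
              "failed_logins": 25, "user": "{{ 7*7 }}"}
    print(run_playbook(PLAYBOOK, sample))
```

A step whose template references a field the event lacks raises `jinja2.exceptions.UndefinedError`, which the caller can log and treat as a failed step rather than sending a half-filled action downstream.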