Best Of

If you haven't read the "How to use Template Engine to Render Complex Templates - Part 1" post, start off there an continue with this post.

Once the template is created, it needs to be saved in the Email HTML Template section in Settings.  Name the template any name you wish.  Make sure it is saved in the appropriate environment that it will be used for.

Step 3. With the template created, we can now create the playbook or block to render the template.  The first step will be Get Case Data from the Siemplify Tools integration.  This action returns a JSON representation of the case.  The second step will be the Render Template action from TemplateEngine.  Render Template takes the following inputs: Template and JSON Object.  Select the name of the Template we created for “Template” and for JSON Object, use the Placeholder Browser to select the JsonResult from the Get Case Data action.  The parameters will look like this:

The final step in this block will be the Send Email action.  Actions that use parameters of type “Email Content” do not accept input from previous playbook steps.  Since the Send Email action in EmailV2 uses this parameter type, we cannot use the output from Render Template.  To get around this, we will duplicate the Send Email action and modify the parameter type in the IDE.  Save your playbook and go into the IDE.

Once you’re in the IDE, find Send Email under Emailv2.  Open the action and select “Duplicate Item” from the right menu.

In the duplicated action, double click on the “Content” parameter and change the type from Email Content to Content.

Finally, rename the action to “Send Email with Template” and save.

Return to the Playbooks section and select the block we were working on. For the final step, drag the “Send Email with Template” action in Emailv2.  For the “To:” parameter, use the placeholder for the Environment contact.  Fill in “Case Closure Notice” for the subject and use the result of the Render Template action as the content.

The completed block will look like this:

The output of Render Template can now be used in the body of an email or a ticket.  Here is an example of how the above example renders in an email.

The full template used:

<p>

  Dear [Environment.Name], please see below conclusion report of cyber security incident.

</p>

<br />

<table border="1" width="600px">

  <tbody>

    <tr style="background-color: #7030a0;">

      <td style="text-align: center;" colspan="2">

        <span style="color: #ffffff;">

          <strong>Siemplify Case Notification</strong>

        </span>

      </td>

    </tr>

    <tr>

      <td>

        <strong>Case Title:</strong>

      </td>

      <td>{% set alert_descs = [] %}

          {% for alert in input_json['alerts']  %}

            {% do alert_descs.append( alert['additionalProperties']['ruleGenerator'] ) %}

          {% endfor %}

          {{ alert_descs|unique|join(',') }}

            </td>

    </tr>

    <tr>

      <td>

        <strong>Case Id:</strong>

      </td>

      <td>[Case.Id]</td>

    </tr>

    <tr>

      <td>

        <strong>Creation Date/Time:</strong>

      </td>

      <td>[Case.CreationTime]</td>

    </tr>

    <tr>

      <td>

        <strong>Case Severity:</strong>

      </td>

      <td>[Case.Priority]</td>

    </tr>

    <tr>

      <td>

        <strong>Time to resolution:</strong>

      </td>

        {% if "[Case.Priority]" == "Critical" %}

      <td>The expected timeframe to resolve this issue is 1 hours</td>

        {% elif "[Case.Priority]" == "High" %}

      <td>The expected timeframe to resolve this issue is 2 hours</td>

        {% elif "[Case.Priority]" == "Medium" %}

      <td>The expected timeframe to resolve this issue is 6 hours</td>

        {% elif "[Case.Priority]" == "Low" %}

      <td>The expected timeframe to resolve this issue is 8 hours</td>

        {% elif "[Case.Priority]" == "Informative" %}

      <td>The expected timeframe to resolve this issue is 8 hours</td>

        {% endif %}        

    </tr>    

    <tr>

        <td colspan="2">

        <strong>Analysis:</strong>

      </td>

    </tr>

    {% set alert_comments = [] %}

        {% for comment in input_json['wallData'] %}

            {% if comment['isFavorite']== True %}

                {% if comment['type'] == 5 and comment['creatorUserId'] != 'System' %}

                    {% do alert_comments.append( comment['comment'] ) %}

                {% elif comment['type'] == 6 %}

                    {% do alert_comments.append( comment['content'] ) %}

                {% endif %}

            {% endif %}

        {% endfor %}

    {% if alert_comments|length > 0 %}   

    {% for alert_comment in alert_comments %}

    <tr>

        <td colspan="2">            

          {{ alert_comment|safe }}            

        </td>

     </tr>

     {% endfor %}

     {% else %}

     <tr>

         <td colspan="2">

            No analyst notes.

         </td>

     </tr>

     {% endif %}     

  </tbody>

</table>

Enjoy!

I have recently created Template Engine, an integration available to the Community which utilizes Jinja2 to render templates for usage in Siemplify.  Jinja2 is an extremely powerful templating language and can be used to make aesthetically pleasing HTML pages for use in Siemplify Insights, Emails, and anything benefiting from template usage.  

The Template Engine integration includes two actions: Render Template and Entity Insight.  The Render Template action will render a single template using the input JSON string.  The resulting template can be used in Emails, ticketing systems, or any action accepting an input string.  The Entity Insight action will create individual entity insights based upon the entities in the action scope and the input JSON string.  

In this blog post, we are going to show you how to use the Render Template action along with the Get Case Data action from SiemplifyTools, to produce an HTML email that contains details from the case as well as all of the favorited comments from the case wall.

The Template Engine integration uses Jinja2 to render templates.  Creating a basic Jinja template is easy, but Jinja2 is extremely powerful and advanced templates are beyond the scope of this walkthrough.  For a full explanation of Jinja templating can be found at the following URL:

https://jinja.palletsprojects.com/en/2.11.x/

The first step will be to make sure you have SiemplifyTools and TemplateEngine integrations installed and updated.  Configure both of these in your Shared Environment.  

The second step will be to create the template that will be rendered.  The template used by Render Template can contain Jinja2 style templating and Siemplify placeholder style templating.  The Jinja2 style utilizes curly braces { } and Siemplify uses square brackets [ ].  By using the combination of templating formats, you are able to create very rich documents.  

The Siemplify placeholders gives you access to all of the data values available through the “Placeholder” dialog in Playbook builder.  Examples of these values are: [ Environment.Name ], [ Case.Id ], [ Entity.identifier ], etc.  

These values can also be used WITHIN Jinja2 templates.  If you want to iterate over the entities, you can use [ Entity.identifier ] as an input for a FOR loop in Jinja2. There will be an example of this further down.

The Jinja2 template receives it’s data through the dictionary object ‘input_json’.  This variable, ‘input_json’ can be used within the template to output the desired information.

In the following example, we’ll create a template that uses both Jinja2 and Siemplify formats.  This template will summarize the case and can be used as a closing email to a customer or user.

First we use Siemplify placeholders to extract the name of the Environment.  

Now we create a table that is going to contain the information about the case.

Here is some of the Jinja2 magic.  We want the title <td> to include the list of alert rule generator values in the case.  To do that, we are going to loop through all of the alerts in the input_json, case, and append the description of that alert to a list.  After we accumulate the alert_descs list, we are going to use a Jinja filter to only return the unique values chained to another filter to separate the list with a comma. 

Now that we have the title, we want to output some more details about the case, the ID and the time it was created.

Conditionals within Jinja can be used to alter the output of templates.  Below, we are using a combination of both Jinja and Siemplify Placeholders to output a string based on the case priority.  The [Case.Priority] will be rendered first and then the Template Engine will render conditional. 

-------------------------------------

The final section will collect all the user created comments and insights and add them to a list.  Using a conditional, we can restrict the output to only render if there are items in the list.

If we were to view this template as HTML, without any Jinja or Siemplify template rendering, it would look like this:

Continue reading the second post (part 2) for more information on How to use Template Engine to Render Complex Templates.

Enjoy!