There is a use case where I want to Block Malicious IPs detected in InsightIDR on FortiGate firewalls. I am able to add connections to each firewall individually, Is there any way I can create a connection group to add the firewalls in it and use in the workflow ?
You would need to have the step duplicated for each unique firewall connection you need.
20 firewall connections, 20 firewall steps needed.
I would recommend using the FortiManager api instead. This would allow you to manage multiple firewalls with one connection.
We do not have a native plugin for this. You would accomplish it most easily using the Python plugin.