Hi, I've got a problem with this playbook code block, the custom functions I try to execute seem to hang indefinitely, I also know the custom function works because I've successfully used it from a utility block
I've tried a few different arrangements of this logic including initializing cfid with both the custom function calls and consolidating custom function names into a single while loop with the phantom.completed and have used pass instead of sleep.
But the custom function doesn't seem to return/complete.
Here's another example, which is basically the same except it consolidates the while loops and executes both the custom functions at the same time.
Once either of these above scenarios (or something similar) are successful I need to get the results from the custom function executions (below pic), combine it into a single string and then send "data" to another function:
> post_http_data(container=container, body=json.dumps({"text": data})
Any assistance would be great. Thanks.
In my limited testing, SOAR doesn't seem to like handling custom functions within a single code block. It doesn't want to wait for the custom function to actually finish before moving on.
For reference, first_code_block just calls a custom function and second_code_block runs phantom.completed() on that function.
If you have to call the function from within a code block, you can add a callback. This will make sure the code doesn't move on until the run finishes. I wasn't able to get the callback to work on a second function within the same block. (One note on this: Phantom will call the last two lines of the code block before the custom function finishes)
phantom.custom_function(... callback=second_code_block)
The easiest method by far is to just put each custom function into their own block, then do whatever processing you need in a custom code block below. By default, SOAR will wait for any simultaneous blocks to finish before running the next step.
