Create a Workflow to Save Malicious IPs from Fortinet in a Text File

I am looking for assistance in creating a workflow in Log360 that extracts malicious IPs detected by the Fortinet firewall and saves them in a text file at a specific network location.

Workflow Requirements:

  1. Data Source: Alerts generated by the Fortinet firewall.
  2. Action: Extract the malicious IP from the remip field in the logs.
  3. Storage Destination: Save the IPs in a text file (ip2.txt) located at the network path \\server\blockip\
  4. Automation: This process should be automatically triggered every time a relevant alert from Fortinet is generated.
  5. Output Format: The text file should contain each IP on a new line.

I have tried setting up a script in the workflow, but I am encountering issues with saving the IP in the text file correctly. I would appreciate detailed instructions or a sample script to achieve this functionality.
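
The requirements listed above, written out as an added PowerShell example; it is not part of the original post and is not Log360's own code. It assumes the workflow's script step passes the alert's remip value as the first argument (how Log360 supplies that value is not shown on this page), and the parameter names `RemIp` and `BlockFile` are hypothetical.

```powershell
# Added example: append one validated IP to the blocklist file, one IP per line.
# Assumption: the alert's remip value arrives as the first script argument.
param(
    [Parameter(Mandatory = $true)][string]$RemIp,
    # File name and share taken from the post.
    [string]$BlockFile = '\\server\blockip\ip2.txt'
)

# The value originates in log data, so parse it strictly before writing it.
$candidate = $RemIp.Trim()
$parsed = $null
if (-not [System.Net.IPAddress]::TryParse($candidate, [ref]$parsed)) {
    Write-Error "Rejected: '$candidate' is not an IP address"
    exit 1
}
# TryParse accepts short forms such as "1" or "10.1"; require a full dotted quad for IPv4.
if ($parsed.AddressFamily -eq 'InterNetwork' -and $parsed.ToString() -ne $candidate) {
    Write-Error "Rejected: '$candidate' is not a canonical IPv4 address"
    exit 1
}
# Never place a loopback address on a blocklist.
if ([System.Net.IPAddress]::IsLoopback($parsed)) {
    Write-Error "Rejected: '$candidate' is a loopback address"
    exit 1
}
$ip = $parsed.ToString()

# Open with an exclusive lock so two alerts firing together cannot interleave writes.
$stream = $null
for ($i = 0; $i -lt 10 -and $null -eq $stream; $i++) {
    try { $stream = [System.IO.File]::Open($BlockFile, 'OpenOrCreate', 'ReadWrite', 'None') }
    catch { Start-Sleep -Milliseconds 200 }
}
if ($null -eq $stream) { Write-Error "Could not open or lock $BlockFile"; exit 2 }

try {
    $reader = New-Object System.IO.StreamReader($stream)
    $text = $reader.ReadToEnd()              # leaves the stream positioned at end of file
    $known = $text -split "`r?`n" | ForEach-Object { $_.Trim() }
    if ($known -notcontains $ip) {           # skip addresses that are already listed
        $writer = New-Object System.IO.StreamWriter($stream)
        if ($text.Length -gt 0 -and -not $text.EndsWith("`n")) { $writer.WriteLine() }
        $writer.WriteLine($ip)
        $writer.Flush()
    }
} finally {
    $stream.Dispose()                        # releases the lock
}
```

The account that runs the workflow script needs write permission on the share; a non-zero exit code means the value was rejected or the file could not be locked.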
