Actions136
- List Actions
- Retrieve List User Mailbox Rules
- Retrieve List User Photo
- Retrieve List Users
- Retrieve List User Sign In Logs
- Retrieve Public Phishing Check
- Retrieve Edit Ca Policy
- Retrieve Edit Exconnector
- Retrieve Edit Spam Filter
- Retrieve Edit Transport Rule
- Retrieve Exec Edit Calendar Permissions
- Retrieve List Deleted Items
- Retrieve Exec Add Spn
- Retrieve Exec Add Trusted Ip
- Retrieve Exec Alerts List
- Retrieve Exec App Approval
- Retrieve Exec Assign App
- Retrieve Exec Assign Policy
- Retrieve Exec Auto Extend Gdap
- Retrieve Exec Bec Check
- Retrieve Exec Clr Imm Id
- Retrieve Exec Convert To Shared Mailbox
- Retrieve Exec Copy For Sent
- Retrieve Exec Cpv Permissions
- Retrieve Exec Create Tap
- Retrieve Exec Delete Gdap Relationship
- Retrieve Exec Delete Gdap Role Mapping
- Retrieve Exec Device Delete
- Retrieve Exec Disable User
- Retrieve Exec Dns Config
- Retrieve Exec Enable Archive
- Retrieve Exec Extension Mapping
- Retrieve Exec Extension Sync
- Retrieve Exec Extension Test
- Retrieve Exec Geo Ip Lookup
- Retrieve Exec Get Local Admin Password
- Retrieve Exec Get Recovery Key
- Retrieve Exec Graph Request
- Retrieve Exec Groups Delete
- Retrieve Exec Groups Delivery Management
- Retrieve Exec Groups Hide From Gal
- Retrieve Exec Hide From Gal
- Retrieve Exec Incidents List
- Retrieve Exec Mailbox Mobile Devices
- Retrieve Exec Maintenance Scripts
- Retrieve Exec Quarantine Management
- Retrieve Exec Reset Mfa
- Retrieve Exec Reset Pass
- Retrieve Exec Restore Deleted
- Retrieve Exec Revoke Sessions
- Retrieve Exec Run Backup
- Retrieve Exec Send Org Message
- Retrieve Exec Send Push
- Retrieve Exec Set Security Alert
- Retrieve Exec Set Security Incident
- Retrieve Exec Standards Run
- Retrieve Exec Sync Ap Devices
- Retrieve Exec Universal Search
- Retrieve Domain Analyser List
- Retrieve Get CIPP Alerts
- Retrieve Get Version
- Retrieve List All Tenant Device Compliance
- Retrieve List Ap Devices
- Retrieve List Apps
- Retrieve List App Status
- Retrieve List Auto Pilot Config
- Retrieve List Azure AD Connect Status
- Retrieve List Basic Auth
- Retrieve List Bpa
- Retrieve List Bpa Templates
- Retrieve List Calendar Permission
- Retrieve List Ca Templates
- Retrieve List Conditional Access P Olicies
- Retrieve List Contacts
- Retrieve List Defender State
- Retrieve List Defender Tvm
- Retrieve List Device Details
- Retrieve List Device
- Retrieve List Domain Analyser
- Retrieve List Domain Health
- Retrieve List Domains
- Retrieve List Exchange Connectors
- Retrieve List Ex Connector Template
- Retrieve List External Tenant Info
- Retrieve List Function Parameters
- Retrieve List Function Stats
- Retrieve List GDAP Invite
- Retrieve List Graph Request
- Retrieve List Groups
- Retrieve List Group Templates
- Retrieve List Inactive Accounts
- Retrieve List Intune Intents
- Retrieve List Intune Policy
- Retrieve List Intune Templates
- Retrieve List Known Ipdb
- Retrieve List Licenses
- Retrieve List Logs
- Retrieve List Mailbox Cas
- Retrieve List Mailboxes
- Retrieve List Mailbox Mobile Devices
- Retrieve List Mailbox Mobile Devices Copy
- Retrieve List Mailbox Permissions
- Retrieve List Mailbox Restores
- Retrieve List Mailbox Rules
- Retrieve List Mailbox Statistics
- Retrieve List Mail Quarantine
- Retrieve List Message Trace
- Retrieve List Mfa Users
- Retrieve List Named Locations
- Retrieve List Oauth Apps
- Retrieve List Ooo
- Retrieve List Org
- Retrieve List Partner Relationships
- Retrieve List Phish Policies
- Retrieve List Recipients
- Retrieve List Roles
- Retrieve List Shared Mailbox Account Enabled
- Retrieve List Shared Mailbox Statistics
- Retrieve List Sharepoint Quota
- Retrieve List Sharepoint Settings
- Retrieve List Signins
- Retrieve List Sites
- Retrieve List Spam Filter
- Retrieve List Spam Filter Templates
- Retrieve List Standards
- Retrieve List Teams
- Retrieve List Teams Activity
- Retrieve List Teams Voice
- Retrieve List Tenant Details
- Retrieve List Tenants
- Retrieve List Transport Rules
- Retrieve List Transport Rules Templates
- Retrieve List User Conditional Access Policies
- Retrieve List User Counts
- Retrieve List User Devices
- Retrieve List User Groups
- Retrieve List User Mailbox Details
Overview
This node interacts with the AvantGuard CIPP API to retrieve security alert information related to execution sets within a list resource. Specifically, the "Retrieve Exec Set Security Alert" operation fetches detailed security alert data based on several query parameters such as GUID, provider, status, tenant filter, and vendor.
This node is beneficial in scenarios where users need to programmatically monitor or audit security alerts tied to execution sets in their systems, enabling automated workflows for security incident management, compliance checks, or alert aggregation.
Practical example:
A security operations team could use this node to automatically pull the latest exec set security alerts filtered by specific vendors and providers, then trigger notifications or further processing steps when certain alert statuses are detected.
Properties
| Name | Meaning |
|---|---|
| Guid | The unique identifier (GUID) of the execution set for which to retrieve the security alert. |
| Provider | The name or identifier of the provider associated with the execution set. |
| Status | The status filter for the security alert (e.g., active, resolved). |
| Tenantfilter | A filter specifying the tenant context to scope the security alert retrieval. |
| Vendor | The vendor associated with the execution set or alert. |
All these properties are required string inputs and are sent as query parameters in the API request.
Output
The node outputs JSON data representing the retrieved security alert details for the specified execution set. The exact structure depends on the API response but typically includes fields describing the alert's attributes such as identifiers, status, timestamps, provider/vendor info, and possibly additional metadata.
There is no indication that the node outputs binary data.
Dependencies
- Requires an API key credential for authenticating with the AvantGuard CIPP API.
- The base URL for the API is configured via credentials (
resourceApiUrl). - Uses the
@avantguardllc/n8n-openapi-nodepackage and an OpenAPI specification (openapi.json) bundled with the node for request building.
Troubleshooting
- Missing or invalid credentials: Ensure the API key and base URL are correctly configured in the node credentials.
- Required properties not provided: All input properties (
Guid,Provider,Status,Tenantfilter,Vendor) are mandatory; missing any will likely cause the request to fail. - API errors: If the API returns errors (e.g., 4xx or 5xx HTTP status), verify that the query parameters are correct and that the API service is reachable.
- Network issues: Confirm network connectivity to the configured API endpoint.
Links and References
- AvantGuard CIPP API Documentation (hypothetical link, replace with actual if available)
- n8n Documentation - Creating Custom Nodes