Actions159
- Related Items Actions
- Backup Actions
- Queries Actions
- Get Disk Drives
- Get Operating Systems
- Get RAID Controller Report
- Get Volumes
- Get Computer Systems
- Get Antivirus Status Report
- Get Device Health Report
- Get Custom Fields Report
- Get Installed Software Patches
- Get Custom Fields Detailed Report
- Get Installed OS Patches
- Get Pending Failed Rejected OS Patches
- Get RAID Drive Report
- Get Windows Services Report
- Get Antivirus Threats
- Get Device Usage
- Get Network Interfaces
- Get Processors
- Get Software
- Get Last Logged On Users Report
- Get Policy Overrides 1
- Get Scoped Custom Fields Report
- Get Pending Failed Rejected Software Patches
- Get Scoped Custom Fields Detailed Report
- System Actions
- Knowledge Base Articles Actions
- Get Knowledge Base Article Signed Urls
- Get Related Item Attachments Signed Urls
- Download Knowledge Base Article
- Get Knowledge Base Folder Path Content
- Upload Temp Attachments
- Get Knowledge Base Folder Content
- Get Client Knowledge Base Articles
- Upload Knowledge Base Articles
- Get Global Knowledge Base Articles
- Download Related Item Attachment
- Organization Documents Actions
- Document Templates Actions
- Checklist Templates Actions
- Organization Checklists Actions
- Location Actions
- Management Actions
- Get Custom Fields Policy Condition
- Delete Policy Condition
- Reset Alert
- Update Device
- Request Scripting Options
- Submit OS Patch Scan
- Get Installer For Location
- Get Windows Event Policy Conditions
- Create Organization
- Cancel Device Maintenance
- Reboot Devices
- Set Windows Service Configuration
- Create Location For Organization
- Update Node Role Policy Assignment For Organization
- Create Windows Event Policy Condition
- Node Approval Operation
- Control Windows Service
- Remove Device Owner
- Submit OS Patch Apply
- Get Installer
- Create Policy
- Get Windows Event Policy Condition
- Update Device Maintenance
- Reset Policy Overrides
- Set Device Owner
- Submit Software Patch Scan
- Update Location
- Reset Alert Set Activity Data
- Get Device Link
- Run Script On Device
- Submit Software Patch Apply
- Update Organization
- Create Custom Fields Policy Condition
- Get Custom Fields Policy Conditions
- Custom Fields Actions
- Ticketing Actions
- Organization Actions
- Devices Actions
- Get Device Active Jobs
- Get Device Installed Software Patches
- Get Device Processors
- Update Node Attribute Values
- Get Device Disk Drives
- Get Device Pending Failed Rejected OS Patches
- Get Device Volumes
- Get Device Alerts
- Get Device Network Interfaces
- Get Device Software
- Get Device Activities
- Get Device Last Logged On User
- Get Device Services
- Get Policy Overrides
- Get Device
- Get Device Installed OS Patches
- Get Device Pending Failed Rejected Software Patches
- Get Node Custom Fields
- Groups Actions
- Webhooks Actions
Overview
This node integrates with the AvantGuard NinjaOne API to retrieve antivirus threat data. Specifically, the "Get Antivirus Threats" operation under the "Queries" resource allows users to fetch detailed information about detected antivirus threats within their monitored environment.
Common scenarios for this node include:
- Security monitoring workflows where you want to automatically gather and analyze antivirus threat data.
- Incident response automation that triggers alerts or remediation steps based on recent threats.
- Reporting and auditing tasks that require up-to-date threat intelligence from endpoint devices.
For example, a user could configure this node to periodically pull the latest antivirus threats filtered by device or timestamp, then use the data to update dashboards or trigger notifications.
Properties
| Name | Meaning |
|---|---|
| Additional Query Parameters | Optional filters and pagination controls for the query. Includes: • Df: Device filter (string) • Ts: Monitoring timestamp filter (string) • Cursor: Cursor name for pagination (string) • Page Size: Limit number of records per page (number) |
These parameters allow fine-tuning of the request to retrieve specific subsets of antivirus threat data or control the volume of results returned.
Output
The node outputs JSON data representing antivirus threat records retrieved from the API. Each item in the output corresponds to an individual threat entry containing details such as affected device, threat type, detection time, and other relevant metadata.
No binary data output is indicated for this operation.
Dependencies
- Requires an API key credential for authenticating with the AvantGuard NinjaOne service.
- The base URL for the API must be configured in the node credentials.
- Depends on the
@avantguardllc/n8n-openapi-nodepackage for building request properties and handling API communication.
Troubleshooting
- Authentication errors: Ensure the API key credential is correctly set up and has sufficient permissions.
- Empty or incomplete data: Verify that optional query parameters like device filter or timestamp are correctly specified; incorrect filters may result in no matching records.
- Pagination issues: When retrieving large datasets, use the cursor and page size parameters properly to paginate through results.
- Network or API errors: Check network connectivity and confirm the base URL is correct and accessible.
Links and References
- AvantGuard NinjaOne API Documentation (general reference for API endpoints and parameters)
- n8n documentation on creating custom nodes