Actions99
- InterACT Actions
- Notification Actions
- Organization Actions
- Task Actions
- Policy Actions
- Repository Actions
- Setting Actions
- Triage Rule Actions
- User Actions
- Acquisition Actions
- API Token Actions
- Asset Actions
- Auto Asset Tag Actions
- Baseline Actions
- Case Actions
- Evidence Actions
Overview
The "Assign Task" operation under the "Asset" resource in this node is designed to assign a specific task configuration to one or more endpoint assets within a selected case. This operation is useful in scenarios where you want to automate task assignments for managing or investigating endpoint devices related to a particular case, such as forensic investigations, incident response, or asset management workflows.
For example, if an analyst wants to assign a triage or data collection task to all assets matching certain criteria (e.g., online Windows machines in a specific organization), this operation allows filtering those assets and assigning the chosen task configuration efficiently.
Properties
| Name | Meaning |
|---|---|
| Case | The case to which the task will be assigned. You can select a case from a list of existing cases or specify it by its ID. |
| Task Choice | The specific task configuration choice to assign to the filtered assets. This is a required string input where you specify the task identifier or name. |
| Filter Options | A collection of optional filters to narrow down the assets that will receive the task assignment. Filters include: - Excluded Asset IDs (comma-separated list) - Included Asset IDs (comma-separated list) - Asset Name - IP Address - Isolation Status (Isolated, Not Isolated) - Managed Status (Managed, Unmanaged) - Online Status (Online, Offline) - Organization (select from list, by ID, or by name) - Platform (Windows, macOS, Linux) - Search Term - Tags (comma-separated) |
Output
The output JSON structure typically contains information about the result of the task assignment operation. This may include confirmation of the task being assigned, details about the assets affected, and any relevant metadata returned by the API.
If the node supports binary data output (not explicitly shown here), it would generally represent files or evidence collected from assets, but for this operation, the focus is on JSON output confirming task assignment status.
Dependencies
- Requires an API key credential for authenticating with the external Binalyze AIR service.
- The node depends on the Binalyze AIR API endpoints for cases, assets, and tasks.
- Proper configuration of the API authentication credential in n8n is necessary.
- Network connectivity to the Binalyze AIR service must be available.
Troubleshooting
Common Issues:
- Invalid case ID format: The case ID must only contain letters, numbers, hyphens, and underscores.
- Task choice not found or invalid: Ensure the task configuration specified exists and is accessible.
- Filtering errors: Incorrect filter values (e.g., invalid IP address format or non-existent organization) may cause no assets to match or API errors.
- Authentication failures: Verify that the API key credential is valid and has sufficient permissions.
Error Messages:
"Not a valid case ID (must contain only letters, numbers, hyphens, and underscores)": Correct the case ID input to match the required pattern.- API errors indicating unauthorized access: Check API key validity and permissions.
- No assets matched the filter criteria: Review and adjust filter options to ensure they correctly target intended assets.
Links and References
- Binalyze AIR Official Documentation
- Binalyze AIR API Reference
- n8n Documentation on Creating Custom Nodes