Actions99
- InterACT Actions
- Notification Actions
- Organization Actions
- Task Actions
- Policy Actions
- Repository Actions
- Setting Actions
- Triage Rule Actions
- User Actions
- Acquisition Actions
- API Token Actions
- Asset Actions
- Auto Asset Tag Actions
- Baseline Actions
- Case Actions
- Evidence Actions
Overview
The node provides management capabilities for Binalyze AIR assets, specifically including an operation to "Purge and Uninstall" assets. This operation allows users to remove selected endpoint assets from the system and uninstall associated software or agents remotely. It is useful in scenarios such as decommissioning devices, cleaning up unused endpoints, or enforcing security policies by removing compromised or obsolete assets.
For example, a security team might use this node to purge and uninstall software from all offline or unmanaged assets within a specific organization or matching certain tags, ensuring that only relevant endpoints remain active in their environment.
Properties
| Name | Meaning |
|---|---|
| Filter Options | A collection of filters to specify which assets to target for the purge and uninstall operation. Filters include: - Excluded Asset IDs: Comma-separated list of asset IDs to exclude. - Included Asset IDs: Comma-separated list of asset IDs to include. - Filter By Asset Name: Filter assets by name. - Filter By IP Address: Filter assets by IP address. - Filter By Isolation Status: Choose between "Isolated" or "Not Isolated". - Filter By Managed Status: Choose between "Managed" or "Unmanaged". - Filter By Online Status: Choose between "Online" or "Offline". - Filter By Organization: Select an organization by list, ID, or name. - Filter By Platform: Choose one or more platforms among Windows, macOS, Linux. - Filter By Search Term: General search term to filter assets. - Filter By Tags: Comma-separated list of tags to filter assets. |
Output
The node outputs JSON data representing the result of the purge and uninstall operation on the selected assets. The output typically includes details about which assets were successfully purged and uninstalled, any errors encountered per asset, and summary information about the operation's outcome.
If the node supports binary data output (not explicitly shown in the provided code), it would likely relate to logs or reports generated during the purge/uninstall process, but no explicit binary output handling is indicated here.
Dependencies
- Requires an API key credential for authenticating with the Binalyze AIR platform.
- Depends on the Binalyze AIR API to perform asset management operations.
- The node uses internal resource modules for assets and related operations bundled within the node implementation.
- No additional external services are required beyond the Binalyze AIR API.
Troubleshooting
Common Issues:
- Incorrect or missing API authentication token can cause authorization failures.
- Providing invalid asset IDs or organization identifiers may result in no assets being found or affected.
- Network connectivity issues to the Binalyze AIR API will prevent execution.
- Using incompatible filter combinations might yield empty results.
Error Messages:
"Unknown resource: assets"— indicates the resource parameter was not set correctly; ensure "Asset" is selected.- API errors returned from Binalyze AIR (e.g., unauthorized, not found) should be checked by verifying credentials and input parameters.
Resolution Tips:
- Verify API credentials and permissions.
- Double-check filter values and formats (e.g., comma-separated lists).
- Test connectivity to the Binalyze AIR API endpoint.
- Use logging/debugging features to inspect request payloads and responses.
Links and References
- Binalyze AIR Official Documentation
- Binalyze AIR API Reference
- n8n Documentation on Creating Custom Nodes