Actions99
- InterACT Actions
- Notification Actions
- Organization Actions
- Task Actions
- Policy Actions
- Repository Actions
- Setting Actions
- Triage Rule Actions
- User Actions
- Acquisition Actions
- API Token Actions
- Asset Actions
- Auto Asset Tag Actions
- Baseline Actions
- Case Actions
- Evidence Actions
Overview
This node integrates with Binalyze AIR to manage and interact with various resources related to digital forensics and incident response. Specifically, the Baseline - Get Comparison Report operation retrieves a comparison report between baselines for a given endpoint and task. This is useful in scenarios where you want to analyze changes or differences in system states over time, such as detecting unauthorized modifications or verifying remediation efforts.
Practical examples include:
- Comparing the current state of an endpoint against a previous baseline to identify suspicious changes.
- Generating reports for forensic investigations to document system changes.
- Automating compliance checks by comparing system snapshots.
Properties
| Name | Meaning |
|---|---|
| Endpoint ID | The unique identifier of the endpoint (device) for which the baseline comparison report is requested. |
| Task ID | The unique identifier of the task associated with generating the comparison report. |
Output
The node outputs JSON data containing the comparison report details between two baselines for the specified endpoint and task. The exact structure depends on the API response but typically includes information about differences detected, timestamps, and metadata relevant to the baseline comparison.
If the node supports binary data output (not explicitly shown here), it would represent downloadable reports or files related to the comparison.
Dependencies
- Requires an active connection to the Binalyze AIR platform via an API key credential configured in n8n.
- The node depends on Binalyze AIR's REST API endpoints for baselines and comparison reports.
- Proper permissions on the Binalyze AIR account to access baseline and task data are necessary.
Troubleshooting
Common issues:
- Invalid or missing Endpoint ID or Task ID parameters will cause the request to fail.
- Network connectivity problems or incorrect API credentials can prevent successful API calls.
- Insufficient permissions on the Binalyze AIR account may result in authorization errors.
Error messages:
"Unknown resource": Indicates the selected resource is not recognized; ensure "Baseline" is chosen.- API errors related to invalid IDs or unauthorized access should be resolved by verifying input values and credentials.
- Timeout or network errors require checking internet connectivity and API endpoint availability.