Binalyze AIR

Manage Binalyze AIR resources

Actions99

InterACT Actions
Notification Actions
- Get Many
- Mark as Read by ID
Organization Actions
Task Actions
Policy Actions
Repository Actions
- Get
- Get Many
Setting Actions
- Update Banner Message
Triage Rule Actions
User Actions
- Get Many
- Get
Acquisition Actions
API Token Actions
Asset Actions
Auto Asset Tag Actions
Baseline Actions
Case Actions
Evidence Actions

Overview

This node integrates with Binalyze AIR to manage various resources related to digital forensics and incident response. Specifically, the "Case" resource with the "Get Endpoints" operation allows users to retrieve information about endpoints associated with a particular case. This is useful in scenarios where an analyst needs to gather or review all devices involved in or linked to a specific investigation case.

Practical examples include:

Fetching all endpoints connected to a case to assess affected devices.
Automating workflows that require endpoint data retrieval for further processing or reporting.
Integrating case endpoint data into broader security orchestration platforms.

Properties

Name	Meaning
Case ID	The unique identifier of the case for which to retrieve associated endpoints. This is a required string input where you enter the case's ID.

Output

The node outputs JSON data containing details about the endpoints linked to the specified case. The exact structure depends on the API response but typically includes endpoint identifiers, names, statuses, and other relevant metadata.

If the node supports binary data output (not explicitly shown here), it would represent files or evidence related to endpoints, but this operation primarily returns JSON endpoint information.

Dependencies

Requires an active connection to Binalyze AIR via an API key credential configured in n8n.
The node depends on the Binalyze AIR API being accessible and the user having appropriate permissions to query case endpoints.
No additional external dependencies are indicated beyond the API authentication.

Troubleshooting

Common Issues:
- Invalid or missing Case ID: Ensure the Case ID is correctly entered and corresponds to an existing case.
- Authentication errors: Verify that the API key credential is valid and has sufficient permissions.
- Network or API availability issues: Confirm connectivity to the Binalyze AIR service.
Error Messages:
- "Unknown resource: cases": This indicates a misconfiguration or typo in the resource parameter; ensure "cases" is selected.
- API errors related to authorization or not found cases usually indicate permission issues or incorrect Case IDs.

Resolving these typically involves verifying input parameters, credentials, and network access.

Links and References

Binalyze AIR Official Documentation — For detailed API and product usage.
n8n Documentation — For guidance on setting up credentials and using custom nodes.