Actions99
- InterACT Actions
- Notification Actions
- Organization Actions
- Task Actions
- Policy Actions
- Repository Actions
- Setting Actions
- Triage Rule Actions
- User Actions
- Acquisition Actions
- API Token Actions
- Asset Actions
- Auto Asset Tag Actions
- Baseline Actions
- Case Actions
- Evidence Actions
Overview
The "Download Task Report" operation under the "Evidence" resource in this node allows users to retrieve detailed reports related to a specific task by its ID. The report can be downloaded in various formats such as PDF, HTML, or JSON. This functionality is useful for forensic analysis, audit trails, compliance reporting, or sharing evidence summaries with stakeholders.
Typical use cases include:
- Automatically generating and downloading task reports after completing an investigation or acquisition.
- Filtering the report content based on endpoint attributes like isolation status, platform, or tags to focus on relevant data.
- Integrating with other systems that require evidence reports in specific formats for further processing or archival.
Properties
| Name | Meaning |
|---|---|
| Task ID | The unique identifier of the task for which the evidence report will be retrieved. Must contain only letters, numbers, hyphens, and underscores. |
| Report Format | The format in which the task report will be downloaded. Options are: PDF, HTML, or JSON. |
| Additional Fields | Optional filters to refine the report content. These include: |
| - Filter By Excluded Endpoint IDs | Comma-separated list of endpoint IDs to exclude from the report. |
| - Filter By Group Full Path | Full path string of the group to filter endpoints by group membership. |
| - Filter By Group ID | Identifier of the group to filter endpoints. |
| - Filter By Included Endpoint IDs | Comma-separated list of endpoint IDs to include in the report. |
| - Filter By IP Address | IP address to filter endpoints. |
| - Filter By Isolation Status | Multi-select filter for endpoint isolation states: Isolated, Not Isolated, Isolating, Lifting Isolation. |
| - Filter By Issue | Text filter to include endpoints with a specific issue. |
| - Filter By Managed Status | Multi-select filter for managed or unmanaged endpoints. |
| - Filter By Name | Text filter for endpoint names. |
| - Filter By Online Status | Multi-select filter for online or offline endpoints. |
| - Filter By Organization IDs | Comma-separated list of organization IDs to filter endpoints. |
| - Filter By Platform | Multi-select filter for platforms: Windows, Linux, macOS. |
| - Filter By Policy | Text filter for policy applied to endpoints. |
| - Filter By Search Term | General search term to filter endpoints. |
| - Filter By Tags | Comma-separated list of tags to filter endpoints. |
| - Filter By Version | Text filter for endpoint version. |
Output
The node outputs the downloaded task report in the selected format within the json output field. Depending on the chosen format:
- PDF: A binary file representing the report in PDF format.
- HTML: A textual HTML representation of the report.
- JSON: A structured JSON object containing the report data.
If the report includes binary data (e.g., PDF), it will be provided as binary output suitable for saving or further processing.
Dependencies
- Requires an API key credential for authenticating with the Binalyze AIR service.
- Network access to the Binalyze AIR API endpoint.
- Proper configuration of the node credentials in n8n to allow secure API communication.
Troubleshooting
- Invalid Task ID: If the Task ID contains invalid characters, the node will throw a validation error. Ensure the Task ID only includes letters, numbers, hyphens, and underscores.
- Authentication Errors: Failure to authenticate with the API may occur if the API key credential is missing or incorrect. Verify the credential setup.
- Report Not Found: If the specified task does not exist or has no associated report, the node may return an error or empty result. Confirm the Task ID is correct and the task has completed.
- Unsupported Format: Selecting a report format outside the supported options (PDF, HTML, JSON) will cause errors. Use one of the provided options.
- Filtering Issues: Incorrectly formatted filter fields (e.g., malformed comma-separated lists) might lead to unexpected results or API errors. Validate input formats carefully.