Actions99
- InterACT Actions
- Notification Actions
- Organization Actions
- Task Actions
- Policy Actions
- Repository Actions
- Setting Actions
- Triage Rule Actions
- User Actions
- Acquisition Actions
- API Token Actions
- Asset Actions
- Auto Asset Tag Actions
- Baseline Actions
- Case Actions
- Evidence Actions
Overview
This node integrates with Binalyze AIR to manage its various resources, including triage rules. Specifically, the Delete Triage Rule operation allows users to remove a triage rule from their Binalyze AIR environment by specifying the rule's identifier.
Typical use cases include automating cleanup of outdated or irrelevant triage rules, managing security policies dynamically, or integrating triage rule management into broader incident response workflows.
For example, after an investigation is complete, a user might delete triage rules that are no longer needed to keep the system organized and reduce clutter.
Properties
| Name | Meaning |
|---|---|
| Triage Rule | The triage rule to operate on. Can be selected from a list of existing triage rules or specified by ID. |
- The "Triage Rule" property supports two modes:
- From List: Select a triage rule from a searchable dropdown populated with existing triage rules.
- By ID: Enter the triage rule ID manually. The ID must contain only letters, numbers, hyphens, and underscores.
Output
The node outputs JSON data representing the result of the delete operation. Typically, this will confirm whether the triage rule was successfully deleted or provide error details if the deletion failed.
No binary data output is expected for this operation.
Dependencies
- Requires an API key credential for authenticating with the Binalyze AIR API.
- The node depends on the Binalyze AIR service being accessible and the API token having sufficient permissions to delete triage rules.
- No additional external dependencies beyond the configured API credentials.
Troubleshooting
- Invalid Triage Rule ID: If the entered ID contains invalid characters (anything other than letters, numbers, hyphens, or underscores), the node will reject it before making the API call. Ensure the ID format matches the required pattern.
- Triage Rule Not Found: Attempting to delete a non-existent triage rule will likely result in an error from the API. Verify the triage rule exists before deletion.
- Authentication Errors: If the API key is missing, expired, or lacks permissions, the node will fail to authenticate. Check the API credentials and permissions.
- Network Issues: Connectivity problems with the Binalyze AIR API endpoint can cause failures. Confirm network access and API availability.
Links and References
- Binalyze AIR Official Documentation — For detailed information about triage rules and API usage.
- Binalyze AIR API Reference — To understand the API endpoints related to triage rules.