Actions99
- InterACT Actions
- Notification Actions
- Organization Actions
- Task Actions
- Policy Actions
- Repository Actions
- Setting Actions
- Triage Rule Actions
- User Actions
- Acquisition Actions
- API Token Actions
- Asset Actions
- Auto Asset Tag Actions
- Baseline Actions
- Case Actions
- Evidence Actions
Overview
This node integrates with Binalyze AIR to manage triage rules, specifically allowing users to retrieve details of a single triage rule. The "Get" operation for the "Triage Rule" resource fetches information about a specified triage rule by its ID or from a selectable list.
Typical use cases include:
- Retrieving configuration details of a specific triage rule to review or audit its settings.
- Using the triage rule data as part of an automated workflow that reacts based on triage criteria.
- Integrating triage rule information into broader incident response or asset management workflows.
For example, a security analyst might use this node to pull the details of a triage rule that categorizes endpoint alerts, then use that data to trigger further investigation steps in n8n.
Properties
| Name | Meaning |
|---|---|
| Triage Rule | Select the triage rule to operate on. You can choose it either from a searchable list of existing triage rules or specify its ID directly (must contain only letters, numbers, hyphens, and underscores). |
| Additional Fields | Optional fields to refine the request. Currently supports: • Organization: Filter triage rules by organization when selecting from the list. You can select an organization from a list, enter its ID (positive number or 0 for default), or specify by name. |
Output
The node outputs JSON data representing the requested triage rule's details. This typically includes all properties and metadata associated with the triage rule as returned by the Binalyze AIR API.
No binary data output is indicated for this operation.
Dependencies
- Requires an active connection to Binalyze AIR via an API key credential configured in n8n.
- The node depends on the Binalyze AIR API being accessible and the user having permissions to read triage rules.
- For filtering by organization, the organization must exist and be accessible by the authenticated user.
Troubleshooting
- Invalid Triage Rule ID: If you enter an ID with invalid characters (anything other than letters, numbers, hyphens, and underscores), the node will reject it with a validation error. Ensure the ID format matches the requirements.
- Triage Rule Not Found: If the specified triage rule does not exist or is not accessible, the node may return an error or empty result. Verify the triage rule ID or selection.
- Organization Filtering Issues: When using the organization filter, ensure the organization ID or name is correct and that the triage rule is visible to that organization or globally (ID 0).
- API Authentication Errors: If the API key credential is missing, invalid, or lacks permissions, the node will fail to execute. Check your credentials and permissions in n8n.
Links and References
- Binalyze AIR Official Documentation — For detailed API and triage rule information.
- n8n Documentation — For general guidance on using credentials and resource locators in nodes.