Overview
This node, named "Create Case Soar," is designed to create a case record in a Soar API service. It sends detailed case information to the specified Soar API endpoint, facilitating automated case creation workflows. This node is beneficial in scenarios where incident or case management needs to be integrated into an automation pipeline, such as security operations, customer support ticketing, or IT service management.
Practical examples include:
- Automatically creating a security incident case when suspicious activity is detected.
- Logging customer support cases from form submissions or monitoring alerts.
- Creating IT service requests based on system events.
Properties
| Name | Meaning |
|---|---|
| Url of Soar API | The endpoint URL for the Soar API service |
| Name of Case | Name of the case to be created |
| Catalog Type Code | Catalog type code categorizing the case |
| Customer Code | Customer identifier associated with the case |
| Department Code | Department responsible for the case |
| User Name | Username of the user creating the case |
| Case Code | Unique code for the case; can be dynamically set from input JSON data |
| Catalog Danger Level Code | Danger level classification code for the case catalog |
| SLA Code | Service Level Agreement code related to the case |
| Catalog Resolution Code | Resolution code for the case catalog |
| Description | Textual description of the case |
| Date Detection | Date and time when the case was detected (ISO 8601 format) |
| Date Occurrence | Date and time when the case occurred (ISO 8601 format) |
| Attachment IDs | Array of attachment IDs associated with the case (as a JSON string) |
| Type | Numeric type identifier for the case (e.g., 2) |
| Options | Numeric options flag for the case |
| More Information | Additional textual information about the case |
| Tenancy Code | Tenancy code associated with the case |
Output
The node outputs an array of JSON objects, each representing the result of a case creation attempt for each input item. Each output object contains:
success: Boolean indicating if the case creation succeeded.response: The full response returned by the Soar API after creating the case.caseName: The name of the case that was attempted to be created.- If an error occurs and the node is configured to continue on failure:
success: falseerror: Error message describing what went wrong.statusCode: HTTP status code of the failed request.response: Response body or text from the API, if available.
The node does not output binary data.
Dependencies
- Requires access to a Soar API service endpoint.
- Needs an API authentication token credential to authorize requests to the Soar API.
- The node expects the Soar API to accept POST requests with JSON bodies containing case details.
- The node uses the n8n HTTP Request helper to perform API calls.
Troubleshooting
Common issues:
- Invalid or missing API token causing authentication failures.
- Incorrect or unreachable Soar API URL leading to network errors.
- Malformed date inputs that cannot be converted to ISO 8601 format.
- Improperly formatted attachment IDs (should be a JSON array string).
- Required fields missing or empty, causing API validation errors.
Error messages:
- Errors include HTTP status codes and messages from the Soar API.
- The node logs detailed error information including request parameters and API responses.
- If the node is not set to continue on failure, it throws a detailed error with context.
Resolutions:
- Verify the API token and ensure it has sufficient permissions.
- Confirm the Soar API URL is correct and accessible from the n8n environment.
- Ensure date fields are valid dates or left empty.
- Provide attachment IDs as a valid JSON array string.
- Fill all required properties before execution.
Links and References
- ISO 8601 Date Format
- General REST API best practices for POST requests and authentication
- n8n documentation on HTTP Request Helper