Huntress

Work with the Huntress API

Actions11

Agent Actions
- Get
- Get Many
Billing Report Actions
- Get
- Get Many
Incident Report Actions
- Get
- Get Many
Organization Actions
- Get
Signal Actions
- Get
- Get Many
Summary Report Actions
- Get
- Get Many

Overview

This node interacts with the Huntress API to retrieve detailed information about a specific Incident Report. It is designed to fetch data for a given incident report ID, which can be useful in security monitoring, incident management, or automated workflows that require insights into particular security incidents detected by Huntress.

Typical use cases include:

Automatically retrieving incident details after an alert triggers.
Integrating incident data into dashboards or ticketing systems.
Enriching security event workflows with contextual incident information.

Properties

Name	Meaning
Incident Report ID	The unique numeric identifier of the incident report to retrieve from the Huntress API.

Output

The node outputs JSON data representing the full details of the specified incident report. This typically includes fields such as incident description, timestamps, affected systems, severity, and remediation status. The output structure directly reflects the response from the Huntress API endpoint for incident reports.

No binary data output is produced by this operation.

Dependencies

Requires an active connection to the Huntress API.
Needs an API authentication token configured in n8n credentials to authorize requests.
The base URL used for API calls is https://api.huntress.io/v1.

Troubleshooting

Common issues:
- Invalid or missing Incident Report ID will result in errors or empty responses.
- Authentication failures due to incorrect or expired API tokens.
- Network connectivity problems preventing access to the Huntress API.
Error messages:
- Errors returned from the API will typically include HTTP status codes and messages (e.g., 404 Not Found if the incident report ID does not exist).
- Credential test failures will return descriptive error messages indicating connection or authorization issues.
Resolutions:
- Verify the Incident Report ID is correct and exists in the Huntress system.
- Ensure the API key credential is valid and has necessary permissions.
- Check network settings and firewall rules to allow outbound HTTPS traffic to the Huntress API endpoint.

Links and References

Huntress API Documentation (for detailed API endpoints and data structures)
n8n Documentation on Credentials (for setting up API authentication)