AvantGuard - ConnectSecure

Actions223

Reports Actions
- Get List Standard Report
- Post Create Report
- Get Report Settings
- Post Report Settings
- Get Retrieve Report Jobs View
- Get Retrieve Report Job View
- Get Download Report
Compliance Actions
- Get Retrieve Compliance Types
- Get Retrieve Records
Jobs Actions
- Get Retrieve Job Details View
- Get Retrieve Job Details
Active Directory Actions
- Get Retrieve Ad Roles
- Get Retrieve Ad User Licenses
- Get Retrieve Azure Licenses
- Get Retrieve Azure Ad Logs
- Get Retrieve Azure Secure Score
- Get Retrieve Ad Password Policies
- Get Retrieve Ad Groups View
- Get Retrieve Ad Ous View
- Get Retrieve Ad Gpos View
- Get Retrieve Ad Computers View
- Get Retrieve Ad Users View
- Get Retrieve Ad Domain Details
- Get Retrieve Ad Gpos Details
- Get Retrieve Get Ous Details
- Get Retrieve Get Groups Details
- Get Retrieve Ad Group Users
- Get Retrieve Ad Group Computers
- Get Retrieve Get User Details
- Get Retrieve Get Computer Details
- Get Retrieve Ad Roles Details
- Get Retrieve Ad Roles Member
- Get Retrieve Ad Basic Info
Audit Log Actions
- Get Retrieve Audit Log
Ad Audit Actions
- Get Retrieve Event Stats
- Get Retrieve User Event Stats
- Get Retrieve User Locked Stats
- Get Retrieve User Enabled Stats
Scheduler Actions
- Get Retrieve Scheduler
- Post Create Scheduler
- Patch Update Scheduler
- Delete Delete Scheduler
- Post Update Schedule
Application Baseline Actions
- Get Retrieve Application Baseline Rules
- Get Retrieve Application Baseline Rule
- Post Create Application Baseline Rule
- Patch Update Application Baseline Rule
- Delete Delete Application Baseline Rule
- Get Retrieve App Baseline Plan Assets
- Get Retrieve App Baseline Plan Asset
- Get Retrieve App Baseline Plan Company
- Get Retrieve App Baseline Plan Global
Attack Surface Actions
- Get Retrieve Attack Surface Domain
- Post Create Attack Surface Domain
- Patch Update Attack Surface Domain
- Delete Delete Attack Surface Domain
- Get Retrieve Attack Surface Results
- Get Retrieve Attack Surface Result
Backup Software Actions
- Get Retrieve Backup Software
- Post Create Backup Software
- Patch Update Backup Software
- Delete Delete Backup Software
EDR Actions
- Get Retrieve Edr
- Post Create Edr
- Patch Update Edr
- Delete Delete Edr
Tags Actions
- Get Retrieve Tag Rules
- Get Retrieve Tag Rule
- Post Create Tag Rule
- Patch Update Tag Rule
- Delete Delete Tag Rule
- Get Retrieve Tags
- Get Retrieve Tag
- Post Create Tag
- Patch Update Tag
- Delete Delete Tag
PII Actions
- Get Retrieve Pii Scan Settings
- Get Retrieve Pii Scan Setting
- Post Create Pii Scan Setting
- Patch Update Pii Scan Setting
- Delete Delete Pii Scan Setting
External Scan Actions
- Get Retrieve Custom Profile
- Post Create Custom Profile
- Patch Update Custom Profile
- Delete Delete Custom Profile
- Post Scan External Endpoint
Settings Actions
- Get Retrieve Custom Domains
- Get Retrieve Custom Domain
- Post Custom Domain
Compliance Assessment Actions
- Get Retrieve Compliance Assessment
- Post Create Compliance Assessment
- Patch Update Compliance Assessment
- Delete Delete Compliance Assessment
Auth Actions
- Post Authorize
Company Actions
- Get Retrieve Asset Windows Compatibility
- Get Retrieve Companies
- Get Retrieve Company
- Post Create Company
- Patch Update Company
- Delete Delete Company
- Get Retrieve Company Stats
- Get Retrieve Company Stat
- Get Retrieve Jobs View
- Get Retrieve Job View
- Get Retrieve Adaudit
- Get Retrieve Event Tickets
Agent Actions
- Get Retrieve Agents
- Get Retrieve Agent
- Post Migrate Agents
Credentials Actions
- Get Retrieve Credentials
- Get Retrieve Credential
- Post Create Credential
- Patch Update Credential
- Delete Delete Credential
- Get Retrieve Agent Credentials Mapping
- Get Retrieve Agent Credential Mapping
- Post Create Agent Credential Mapping
- Patch Update Agent Credential Mapping
- Delete Delete Agent Credential Mapping
Asset Actions
- Get Retrieve Records
- Get Retrieve Assets
- Get Retrieve Asset
- Post Create Asset
- Patch Update Asset
- Delete Delete Asset
- Get Retrieve Asset Stats
- Get Retrieve Asset Stat
- Get Retrieve Asset View
- Get Retrieve Cron Jobs
- Get Retrieve Kernel Modules
- Get Retrieve Suid Permissions
- Get Retrieve Ufw Firewall Rules
- Get Retrieve Selinux Settings
- Get Retrieve Asset Iptables Rules
- Get Retrieve Asset Users
- Get Retrieve Asset Processes Running
- Get Retrieve Asset Services
- Get Retrieve Asset Patches Info
- Get Retrieve Asset Firewall Rules
- Get Retrieve Asset Registry Misconfiguration
- Get Retrieve Asset Open Ports
- Get Retrieve Notification Tickets View
- Get Retrieve System Events View
Discovery Settings Actions
- Get Retrieve Discovery Settings
- Get Retrieve Discovery Setting
- Post Create Discovery Setting
- Patch Update Discovery Setting
- Delete Delete Discovery Setting
- Get Retrieve Agent Discoverysettings Mapping
- Get Retrieve Agent Discoverysetting Mapping
- Post Create Agent Discoverysetting Mapping
- Patch Update Agent Discoverysetting Mapping
- Delete Delete Agent Discoverysetting Mapping
Asset Data Actions
- Get Retrieve Asset Compliance Report Card
- Get Retrieve Asset Firewall Policy
- Get Retrieve Asset Installed Drivers
- Get Retrieve Asset Installed Driver
- Get Retrieve Asset Interface
- Get Retrieve Asset Msdt
- Get Retrieve Asset Ports
- Get Retrieve Asset Port
- Get Retrieve Asset Security Report Data
- Get Retrieve Asset Security Report Datum
- Get Retrieve Asset Shares
- Get Retrieve Asset Share
- Get Retrieve Asset Storages
- Get Retrieve Asset Storage
- Get Retrieve Asset Unqouted Services
- Get Retrieve Asset Unqouted Service
- Get Retrieve Asset User Shares
- Get Retrieve Asset User Share
- Get Retrieve Asset Video Info
- Get Retrieve Asset Windows Reboot Required
- Get Retrieve Asset Window Reboot Required
- Get Retrieve Bios Info
- Get Retrieve Bio Info
- Get Retrieve Browser Extensions
- Get Retrieve Browser Extension
- Get Retrieve Ciphers View
- Get Retrieve Cipher View
- Get Retrieve Windows Protection Status
- Get Retrieve Window Protection Status
Vulnerabilities Actions
- Get Retrieve Remediated
- Get Retrieve Suppress Vulnerability
- Get Retrieve Suppres Vulnerability
- Post Create Suppres Vulnerability
- Patch Update Suppres Vulnerability
- Delete Delete Suppres Vulnerability
- Get Retrieve Records
Firewall Actions
- Get Retrieve Firewall Groups
- Get Retrieve Firewall Group
- Get Retrieve Firewall Interfaces
- Get Retrieve Firewall Interface
- Get Retrieve Firewall License
- Get Retrieve Firewall Rules
- Get Retrieve Firewall Rule
- Get Retrieve Firewall Users
- Get Retrieve Firewall User
- Get Retrieve Firewall Zones
- Get Retrieve Firewall Zone
Integration Actions
- Get Retrieve Integration Credentials
- Get Retrieve Integration Credential
- Post Create Integration Credential
- Patch Update Integration Credential
- Delete Delete Integration Credential
- Get Retrieve Integration Rules
- Get Retrieve Integration Rule
- Post Create Integration Rule
- Patch Update Integration Rule
- Delete Delete Integration Rule
- Get Retrieve Company Mappings
- Get Retrieve Company Mapping
- Post Create Company Mapping
- Patch Update Company Mapping
- Delete Delete Company Mapping
Event Set Actions
- Get Retrieve Event Set
- Post Create Event Set
- Patch Update Event Set
- Delete Delete Event Set
Ticket Template Actions
- Get Retrieve Custom Ticketing Template
- Post Create Custom Ticketing Template
- Patch Update Custom Ticketing Template
- Delete Delete Custom Ticketing Template

Overview

This node is designed to update an Endpoint Detection and Response (EDR) record by sending a PATCH request with specified fields. It allows users to modify certain attributes of an EDR entry, such as flags related to firewall status, ransomware protection, or regex usage, identified by an ID. This operation is useful in scenarios where security configurations or metadata about endpoints need to be updated dynamically based on new information or policy changes.

Practical examples include:

Updating the firewall status of an endpoint after a security audit.
Modifying detection rules or flags for ransomware protection on specific devices.
Adjusting regex-based detection parameters for endpoint monitoring.

Properties

Name	Meaning
X USER ID	The user identifier required for authentication or tracking purposes in the API header.
Additional Body Fields	Optional fields to include in the PATCH request body:
	- Data: JSON object containing boolean flags such as `regex`, `is_firewall`, `is_antirandsome`.
	- Id: Numeric identifier of the EDR record to update.

Output

The node outputs the JSON response returned from the PATCH request to the EDR API. This typically includes the updated EDR record details reflecting the changes made. The output does not explicitly handle binary data.

Dependencies

Requires an API key credential for authenticating requests to the AvantGuard ConnectSecure service.
Needs the base URL of the API configured in the credentials.
Uses the @avantguardllc/n8n-openapi-node package and an OpenAPI specification (openapi.json) bundled with the node for request building.

Troubleshooting

Missing or invalid X USER ID: The node requires a valid user ID header; ensure this is provided and correctly formatted.
Invalid or missing EDR record ID: The id field must correspond to an existing EDR record; otherwise, the API may return a not found or validation error.
Malformed JSON in Data field: The data property expects valid JSON; syntax errors will cause request failures.
Authentication errors: Verify that the API key credential is correctly set up and has sufficient permissions.
API connectivity issues: Check network access to the configured base URL and ensure the API service is reachable.

Links and References

AvantGuard ConnectSecure API Documentation (example placeholder link)
n8n Documentation on HTTP Request Nodes

AvantGuard - ConnectSecureInstall