AvantGuard - ConnectSecure

Actions223

Reports Actions
- Get List Standard Report
- Post Create Report
- Get Report Settings
- Post Report Settings
- Get Retrieve Report Jobs View
- Get Retrieve Report Job View
- Get Download Report
Compliance Actions
- Get Retrieve Compliance Types
- Get Retrieve Records
Jobs Actions
- Get Retrieve Job Details View
- Get Retrieve Job Details
Active Directory Actions
- Get Retrieve Ad Roles
- Get Retrieve Ad User Licenses
- Get Retrieve Azure Licenses
- Get Retrieve Azure Ad Logs
- Get Retrieve Azure Secure Score
- Get Retrieve Ad Password Policies
- Get Retrieve Ad Groups View
- Get Retrieve Ad Ous View
- Get Retrieve Ad Gpos View
- Get Retrieve Ad Computers View
- Get Retrieve Ad Users View
- Get Retrieve Ad Domain Details
- Get Retrieve Ad Gpos Details
- Get Retrieve Get Ous Details
- Get Retrieve Get Groups Details
- Get Retrieve Ad Group Users
- Get Retrieve Ad Group Computers
- Get Retrieve Get User Details
- Get Retrieve Get Computer Details
- Get Retrieve Ad Roles Details
- Get Retrieve Ad Roles Member
- Get Retrieve Ad Basic Info
Audit Log Actions
- Get Retrieve Audit Log
Ad Audit Actions
- Get Retrieve Event Stats
- Get Retrieve User Event Stats
- Get Retrieve User Locked Stats
- Get Retrieve User Enabled Stats
Scheduler Actions
- Get Retrieve Scheduler
- Post Create Scheduler
- Patch Update Scheduler
- Delete Delete Scheduler
- Post Update Schedule
Application Baseline Actions
- Get Retrieve Application Baseline Rules
- Get Retrieve Application Baseline Rule
- Post Create Application Baseline Rule
- Patch Update Application Baseline Rule
- Delete Delete Application Baseline Rule
- Get Retrieve App Baseline Plan Assets
- Get Retrieve App Baseline Plan Asset
- Get Retrieve App Baseline Plan Company
- Get Retrieve App Baseline Plan Global
Attack Surface Actions
- Get Retrieve Attack Surface Domain
- Post Create Attack Surface Domain
- Patch Update Attack Surface Domain
- Delete Delete Attack Surface Domain
- Get Retrieve Attack Surface Results
- Get Retrieve Attack Surface Result
Backup Software Actions
- Get Retrieve Backup Software
- Post Create Backup Software
- Patch Update Backup Software
- Delete Delete Backup Software
EDR Actions
- Get Retrieve Edr
- Post Create Edr
- Patch Update Edr
- Delete Delete Edr
Tags Actions
- Get Retrieve Tag Rules
- Get Retrieve Tag Rule
- Post Create Tag Rule
- Patch Update Tag Rule
- Delete Delete Tag Rule
- Get Retrieve Tags
- Get Retrieve Tag
- Post Create Tag
- Patch Update Tag
- Delete Delete Tag
PII Actions
- Get Retrieve Pii Scan Settings
- Get Retrieve Pii Scan Setting
- Post Create Pii Scan Setting
- Patch Update Pii Scan Setting
- Delete Delete Pii Scan Setting
External Scan Actions
- Get Retrieve Custom Profile
- Post Create Custom Profile
- Patch Update Custom Profile
- Delete Delete Custom Profile
- Post Scan External Endpoint
Settings Actions
- Get Retrieve Custom Domains
- Get Retrieve Custom Domain
- Post Custom Domain
Compliance Assessment Actions
- Get Retrieve Compliance Assessment
- Post Create Compliance Assessment
- Patch Update Compliance Assessment
- Delete Delete Compliance Assessment
Auth Actions
- Post Authorize
Company Actions
- Get Retrieve Asset Windows Compatibility
- Get Retrieve Companies
- Get Retrieve Company
- Post Create Company
- Patch Update Company
- Delete Delete Company
- Get Retrieve Company Stats
- Get Retrieve Company Stat
- Get Retrieve Jobs View
- Get Retrieve Job View
- Get Retrieve Adaudit
- Get Retrieve Event Tickets
Agent Actions
- Get Retrieve Agents
- Get Retrieve Agent
- Post Migrate Agents
Credentials Actions
- Get Retrieve Credentials
- Get Retrieve Credential
- Post Create Credential
- Patch Update Credential
- Delete Delete Credential
- Get Retrieve Agent Credentials Mapping
- Get Retrieve Agent Credential Mapping
- Post Create Agent Credential Mapping
- Patch Update Agent Credential Mapping
- Delete Delete Agent Credential Mapping
Asset Actions
- Get Retrieve Records
- Get Retrieve Assets
- Get Retrieve Asset
- Post Create Asset
- Patch Update Asset
- Delete Delete Asset
- Get Retrieve Asset Stats
- Get Retrieve Asset Stat
- Get Retrieve Asset View
- Get Retrieve Cron Jobs
- Get Retrieve Kernel Modules
- Get Retrieve Suid Permissions
- Get Retrieve Ufw Firewall Rules
- Get Retrieve Selinux Settings
- Get Retrieve Asset Iptables Rules
- Get Retrieve Asset Users
- Get Retrieve Asset Processes Running
- Get Retrieve Asset Services
- Get Retrieve Asset Patches Info
- Get Retrieve Asset Firewall Rules
- Get Retrieve Asset Registry Misconfiguration
- Get Retrieve Asset Open Ports
- Get Retrieve Notification Tickets View
- Get Retrieve System Events View
Discovery Settings Actions
- Get Retrieve Discovery Settings
- Get Retrieve Discovery Setting
- Post Create Discovery Setting
- Patch Update Discovery Setting
- Delete Delete Discovery Setting
- Get Retrieve Agent Discoverysettings Mapping
- Get Retrieve Agent Discoverysetting Mapping
- Post Create Agent Discoverysetting Mapping
- Patch Update Agent Discoverysetting Mapping
- Delete Delete Agent Discoverysetting Mapping
Asset Data Actions
- Get Retrieve Asset Compliance Report Card
- Get Retrieve Asset Firewall Policy
- Get Retrieve Asset Installed Drivers
- Get Retrieve Asset Installed Driver
- Get Retrieve Asset Interface
- Get Retrieve Asset Msdt
- Get Retrieve Asset Ports
- Get Retrieve Asset Port
- Get Retrieve Asset Security Report Data
- Get Retrieve Asset Security Report Datum
- Get Retrieve Asset Shares
- Get Retrieve Asset Share
- Get Retrieve Asset Storages
- Get Retrieve Asset Storage
- Get Retrieve Asset Unqouted Services
- Get Retrieve Asset Unqouted Service
- Get Retrieve Asset User Shares
- Get Retrieve Asset User Share
- Get Retrieve Asset Video Info
- Get Retrieve Asset Windows Reboot Required
- Get Retrieve Asset Window Reboot Required
- Get Retrieve Bios Info
- Get Retrieve Bio Info
- Get Retrieve Browser Extensions
- Get Retrieve Browser Extension
- Get Retrieve Ciphers View
- Get Retrieve Cipher View
- Get Retrieve Windows Protection Status
- Get Retrieve Window Protection Status
Vulnerabilities Actions
- Get Retrieve Remediated
- Get Retrieve Suppress Vulnerability
- Get Retrieve Suppres Vulnerability
- Post Create Suppres Vulnerability
- Patch Update Suppres Vulnerability
- Delete Delete Suppres Vulnerability
- Get Retrieve Records
Firewall Actions
- Get Retrieve Firewall Groups
- Get Retrieve Firewall Group
- Get Retrieve Firewall Interfaces
- Get Retrieve Firewall Interface
- Get Retrieve Firewall License
- Get Retrieve Firewall Rules
- Get Retrieve Firewall Rule
- Get Retrieve Firewall Users
- Get Retrieve Firewall User
- Get Retrieve Firewall Zones
- Get Retrieve Firewall Zone
Integration Actions
- Get Retrieve Integration Credentials
- Get Retrieve Integration Credential
- Post Create Integration Credential
- Patch Update Integration Credential
- Delete Delete Integration Credential
- Get Retrieve Integration Rules
- Get Retrieve Integration Rule
- Post Create Integration Rule
- Patch Update Integration Rule
- Delete Delete Integration Rule
- Get Retrieve Company Mappings
- Get Retrieve Company Mapping
- Post Create Company Mapping
- Patch Update Company Mapping
- Delete Delete Company Mapping
Event Set Actions
- Get Retrieve Event Set
- Post Create Event Set
- Patch Update Event Set
- Delete Delete Event Set
Ticket Template Actions
- Get Retrieve Custom Ticketing Template
- Post Create Custom Ticketing Template
- Patch Update Custom Ticketing Template
- Delete Delete Custom Ticketing Template

Overview

This node allows you to create an Endpoint Detection and Response (EDR) record by sending a POST request with specified user identification and optional additional data fields. It is useful in security automation workflows where you want to programmatically report or log EDR events into a system that supports such API interactions.

Typical use cases include:

Automatically creating EDR entries when suspicious activity is detected.
Integrating with security platforms to enrich incident data.
Logging firewall or ransomware-related events with custom metadata.

Properties

Name	Meaning
X USER ID	The User ID header value sent with the request, identifying the user associated with the EDR event. This is required.
Additional Body Fields	Optional JSON fields to add to the request body. Includes: `data` object with boolean flags like `regex`, `is_firewall`, and `is_antirandsome`.

The Additional Body Fields property lets you customize the payload with extra details about the EDR event, for example:

{
  "data": {
    "regex": false,
    "is_firewall": false,
    "is_antirandsome": false
  }
}

Output

The node outputs the response from the API call as JSON in the json output field. This typically contains confirmation of the created EDR record or any error messages returned by the server.

No binary data output is produced by this node.

Dependencies

Requires an API key credential for authentication to the AvantGuard ConnectSecure API.
Needs the base URL of the API endpoint configured in the credentials.
Uses HTTP headers including X-USER-ID to identify the user making the request.
The node depends on the @avantguardllc/n8n-openapi-node package and an OpenAPI specification (openapi.json) bundled internally for request building.

Troubleshooting

Missing or invalid X USER ID header: The API requires this header; ensure it is provided and correctly formatted.
Invalid JSON in Additional Body Fields: If the JSON is malformed, the request will fail. Use valid JSON syntax.
Authentication errors: Verify that the API key credential is set up correctly and has necessary permissions.
Network or base URL issues: Confirm the base URL is correct and reachable from your n8n instance.
API response errors: Check the response message for specific error codes or messages to adjust input parameters accordingly.

Links and References

AvantGuard ConnectSecure API Documentation (example placeholder link)
n8n HTTP Request Node Documentation (for general API interaction concepts)

AvantGuard - ConnectSecureInstall