Actions21
- Digital Footprint Actions
- Dark Web Monitoring Actions
- Incident Actions
- Takedown Actions
- User Audit Logs Actions
- DRP Fraud Protection Actions
- Brand Protection Actions
Overview
This node integrates with the SOCRadar API to provide comprehensive cybersecurity data and monitoring capabilities. Specifically, for the Dark Web Monitoring resource with the Get Botnet Data operation, it retrieves information about botnet-related threats associated with a specified company. This can help security teams monitor potential compromises or exposures on the dark web related to their organization.
Common scenarios where this node is beneficial include:
- Security analysts tracking botnet activity targeting their company.
- Incident response teams investigating potential data leaks or breaches.
- Threat intelligence gathering to proactively identify risks from dark web sources.
Example use case: A security team wants to fetch recent botnet data for their company ID, filtering results by date range and searching for specific keywords related to their assets.
Properties
| Name | Meaning |
|---|---|
| Company ID | The unique identifier of the company for which to retrieve botnet data (required). |
| Additional Fields | Optional filters and pagination controls: |
| - From Date | Start date to filter botnet data from (date/time). |
| - To Date | End date to filter botnet data until (date/time). |
| - Page | Page number for paginated results (default 1). |
| - Limit | Number of results per page (default 100). |
| - Search Term | Keyword or phrase to filter the botnet data results. |
Output
The node outputs an array of JSON objects representing the retrieved botnet data entries. Each entry contains details about individual botnet incidents or records related to the specified company.
If errors occur during execution, the output may include error objects with messages and additional details explaining the failure.
No binary data output is produced by this operation.
Dependencies
- Requires an active SOCRadar API key credential configured in n8n.
- Network access to the SOCRadar API endpoint.
- Proper configuration of the API base URL and authentication headers handled internally by the node.
Troubleshooting
Common issues:
- Invalid or missing company ID will result in API errors or empty responses.
- Incorrect date formats in "From Date" or "To Date" fields may cause request failures.
- Exceeding rate limits imposed by the SOCRadar API could lead to temporary blocking.
- Pagination parameters outside valid ranges might return no data or errors.
Error messages:
- Errors returned from the API are captured and included in the output JSON under
erroranddetails. - If the node is set to continue on failure, these errors do not stop execution but are reported per item.
- Common error resolution steps include verifying credentials, checking parameter values, and ensuring network connectivity.
- Errors returned from the API are captured and included in the output JSON under
Links and References
- SOCRadar Official Website
- SOCRadar API Documentation (for detailed API usage and parameters)