Actions21
- Digital Footprint Actions
- Dark Web Monitoring Actions
- Incident Actions
- Takedown Actions
- User Audit Logs Actions
- DRP Fraud Protection Actions
- Brand Protection Actions
Overview
This node integrates with the SOCRadar API to provide various cybersecurity-related data and services. Specifically, for the Dark Web Monitoring resource with the Get Suspicious Content operation, it retrieves suspicious content related to a specified company from dark web sources. This can help organizations monitor potential threats, data leaks, or mentions of their company on the dark web.
Common scenarios where this node is beneficial include:
- Security teams monitoring for leaked credentials or sensitive information.
- Threat intelligence analysts tracking mentions of their company or assets on underground forums.
- Compliance officers ensuring no unauthorized exposure of company data.
Example use case: A security analyst sets the Company ID and optional filters like date range or search terms to fetch recent suspicious activities or mentions related to their organization from dark web sources.
Properties
| Name | Meaning |
|---|---|
| Company ID | The unique identifier of the company for which to retrieve suspicious dark web content. |
| Additional Fields | Optional filters and pagination controls: |
| - From Date | Start date to filter results (only content after this date). |
| - To Date | End date to filter results (only content before this date). |
| - Page | Page number for paginated results (default 1). |
| - Limit | Number of results per page (default 100). |
| - Search Term | Text term to filter the suspicious content results by keyword. |
Output
The node outputs an array of JSON objects representing suspicious content entries found on the dark web related to the specified company. Each entry typically includes details such as the content itself, timestamps, source information, and any metadata provided by the SOCRadar API.
If the node supports binary data output (not explicitly shown in the code), it would represent associated files or attachments related to suspicious content, but this is not indicated here.
Dependencies
- Requires an active SOCRadar API key credential configured in n8n.
- The node makes HTTP requests to the SOCRadar API base URL using the provided API key.
- No other external dependencies are indicated.
Troubleshooting
Common issues:
- Invalid or missing API key credential will cause authentication failures.
- Incorrect Company ID may result in empty or error responses.
- Date filters must be valid ISO date strings; invalid dates may cause errors.
- Pagination parameters out of range could lead to empty results.
Error messages:
- Errors returned from the SOCRadar API are captured and included in the output under
json.errorandjson.details. - If the node is set to continue on failure, errors do not stop execution but are reported per item.
- Common error details might include rate limiting, invalid parameters, or server errors.
- Errors returned from the SOCRadar API are captured and included in the output under
To resolve errors:
- Verify API key validity and permissions.
- Check that Company ID is correct.
- Ensure date formats and pagination values are valid.
- Review error details returned by the API for specific guidance.
Links and References
- SOCRadar Official Website
- SOCRadar API Documentation (for detailed API endpoints and parameters)