Actions21
- Digital Footprint Actions
- Dark Web Monitoring Actions
- Incident Actions
- Takedown Actions
- User Audit Logs Actions
- DRP Fraud Protection Actions
- Brand Protection Actions
Overview
The node integrates with the SOCRadar API to perform various security-related operations. Specifically, for the Incident - Get operation, it retrieves detailed information about a specific incident associated with a company. This is useful in scenarios where security analysts or automated workflows need to fetch incident details for investigation, reporting, or further processing.
Practical examples include:
- Automatically fetching incident details when an alert is triggered.
- Enriching incident data in a security dashboard.
- Integrating incident information into ticketing or case management systems.
Properties
| Name | Meaning |
|---|---|
| Company ID | The unique identifier of the company for which the incident belongs. |
| Incident ID | The unique identifier of the incident to retrieve (referred to as alarm_id in the API). |
Output
The node outputs a JSON object containing the detailed data of the requested incident as returned by the SOCRadar API. This typically includes all relevant incident attributes such as timestamps, status, severity, description, and any other metadata provided by the API.
If the node supports binary data output (not evident from the provided code), it would represent related files or attachments linked to the incident, but this is not indicated here.
Dependencies
- Requires an active SOCRadar API key credential configured in n8n.
- Needs network access to the SOCRadar API endpoint specified by the base URL in the credentials.
- The node depends on internal utility functions (
handleIncidentOperations) to handle the API calls and responses.
Troubleshooting
Common issues:
- Invalid or missing API key credential will cause authentication failures.
- Incorrect Company ID or Incident ID may result in "not found" errors.
- Network connectivity problems can lead to request timeouts or failures.
Error messages:
- Errors returned from the SOCRadar API are captured and included in the output JSON under
erroranddetails. - If the node is set to continue on failure, these errors do not stop execution but are passed along for handling downstream.
- To resolve errors, verify the correctness of input IDs, ensure valid API credentials, and check network connectivity.
- Errors returned from the SOCRadar API are captured and included in the output JSON under
Links and References
- SOCRadar Official API Documentation (for detailed API endpoints and data structures)
- n8n documentation on Creating Custom Nodes