Overview
This node, named "Update Case Soar," is designed to update case records in a Soar API service. It sends an HTTP PUT request to a specified Soar API endpoint with detailed case information, allowing users to modify existing cases programmatically within an n8n workflow.
Common scenarios where this node is beneficial include:
- Automating updates to incident or support cases in a security orchestration and response (Soar) platform.
- Integrating case management updates from other systems or workflows.
- Enriching case data with additional details such as attachments, dates, and custom codes.
Practical example:
A security analyst wants to update the status and details of a case after completing an investigation step. Using this node, they can send updated information like new descriptions, resolution codes, or attachments directly to the Soar system without manual intervention.
Properties
| Name | Meaning |
|---|---|
| Url of Soar API | The endpoint URL for the Soar API service where the case update request will be sent. |
| Name of Case | The name/title of the case to be updated. |
| Catalog Type Code | Code representing the catalog type classification of the case. |
| Customer Code | Identifier code for the customer related to the case. |
| Department Code | Code identifying the department associated with the case. |
| User Name | Username of the user performing the case update. |
| Case Code | Unique code of the case; can be dynamically set from input JSON data. |
| Catalog Danger Level Code | Code indicating the danger level classification of the case catalog. |
| SLA Code | Service Level Agreement code applicable to the case. |
| Catalog Resolution Code | Code representing the resolution category of the case catalog. |
| Description | Text description providing details about the case. |
| Date Detection | Date and time when the case was detected (ISO 8601 format). |
| Date Occurrence | Date and time when the case occurred (ISO 8601 format). |
| Attachment IDs | JSON array string of attachment IDs linked to the case (e.g., "[422]"). |
| Type | Numeric value representing the type of the case (default is 2). |
| Options | Numeric options flag for the case (default is 0). |
| More Information | Additional textual information about the case. |
| Tenancy Code | Code representing tenancy context for the case. |
Output
The node outputs an array of JSON objects, each corresponding to an input item processed. Each output object contains:
success: Boolean indicating if the update was successful.response: The body of the HTTP response returned by the Soar API.statusCode: HTTP status code from the API response.caseName: The name of the case that was updated.- If an error occurs and the node is configured to continue on failure, the output includes:
success: falseerror: Error message stringstatusCode: HTTP status code if availableresponse: Response body or error details from the API
The node does not output binary data.
Dependencies
- Requires access to a Soar API endpoint URL.
- Needs an API authentication token credential (referred generically as an API key credential) to authorize requests.
- The node expects the token to be provided via credentials configured in n8n.
- The HTTP request uses JSON content type and includes an "Accept-Language" header set to Vietnamese ("vi").
Troubleshooting
Common issues:
- Invalid or missing API token causing authorization failures.
- Incorrect or malformed Soar API URL leading to connection errors.
- Improperly formatted date/time fields causing date conversion warnings.
- Attachment IDs not properly formatted as a JSON array string.
- Required fields missing or empty, resulting in API validation errors.
Error messages and resolutions:
- "Update case failed: ... Status: ... Response: ...": Indicates the API rejected the update. Check the response body for details, verify all required fields, and ensure the token is valid.
- Date conversion failed for: Warning logged if date fields cannot be parsed into ISO format. Ensure date inputs are valid date strings or timestamps.
- Network or timeout errors: Verify network connectivity and correct API endpoint.
- If the node throws an error and is not set to continue on fail, the workflow execution will stop. To handle partial failures gracefully, enable "Continue On Fail" in the node settings.
Links and References
- n8n Documentation - Creating Custom Nodes
- HTTP PUT Method - MDN Web Docs
- Relevant Soar API documentation should be consulted for exact field definitions and expected values (not included here).