Actions9
Overview
This node integrates with the Huntress API to retrieve detailed information about a specific Incident Report by its ID. It is useful in scenarios where users need to fetch and analyze security incident data recorded by Huntress, such as investigating threats or auditing past incidents.
For example, a security analyst could use this node to automatically pull incident details into a workflow for further processing, alerting, or reporting.
Properties
| Name | Meaning |
|---|---|
| Incident Report ID | The unique numeric identifier of the incident report to retrieve. |
Output
The node outputs JSON data representing the full details of the requested Incident Report as returned by the Huntress API. This typically includes fields such as incident description, timestamps, affected systems, severity, and remediation status.
No binary data output is indicated.
Dependencies
- Requires an active connection to the Huntress API.
- Needs an API authentication token configured in n8n credentials to authorize requests.
- The base URL for API requests is
https://api.huntress.io/v1.
Troubleshooting
Common issues:
- Invalid or missing Incident Report ID will cause the request to fail.
- Authentication errors if the API key credential is incorrect or expired.
- Network connectivity problems preventing access to the Huntress API endpoint.
Error messages:
- Errors including HTTP status codes (e.g., 401 Unauthorized) indicate credential or permission issues.
- 404 Not Found suggests the specified Incident Report ID does not exist.
Resolutions:
- Verify the Incident Report ID is correct and exists in Huntress.
- Ensure the API key credential is valid and has necessary permissions.
- Check network connectivity and proxy settings if applicable.
Links and References
- Huntress API Documentation (for detailed API endpoints and data structures)