community-help
  • g

    green-architect-4647

    05/14/2022, 1:46 PM
    Asking here as others may benefit from the answer. (No rush on this as it's not blocking) What implementation of JSONPath does Tines use? The basics are largely the same, but filters/scripts seem to differ (I had this problem with Python libraries). Or is there some other quirk going on here? I'm trying to extract the value associated with the severity key to no avail. This works fine on jsonpath.com (minus escaping the quotes) (See thread)
    m
    • 2
    • 3
  • t

    thankful-potato-8143

    05/16/2022, 3:49 PM
    Is there a tutorial for using the gmail api to send emails?
    a
    • 2
    • 4
  • g

    great-daybreak-70417

    05/19/2022, 3:44 PM
    Hey, is it possible to achieve the 'Where Not' equivalent of this `WHERE(compile_assets.array, "asset_type", LOOP.value)` in a single event transform? Where the loop value is a resource with a dictionary of 'asset_types' that I want to remove from the 'assets.array'. The `WHERE` works, but as the list of types I'm not interested in is smaller, it's easier to maintain the resource for those I don't want to keep. Thanks
    m
    • 2
    • 3
  • e

    early-vegetable-9315

    05/20/2022, 2:03 PM
    Hello everyone! I am trying to iterate over array RESOURCE (an array of json blobs), pull out a specific value in the json, and then get the average of values. I am struggling with the liquid formula (output is "" regardless of what I try). Any suggestions (formula in thread)?
    r
    • 2
    • 5
  • m

    mysterious-winter-58499

    05/25/2022, 1:03 PM
    Hiya, working on a crowdstrike story and I get the following error. Has anyone experienced this before?
    b
    m
    • 3
    • 49
  • g

    green-architect-4647

    05/25/2022, 3:35 PM
    Hey folks, I think I deleted a story containing a webhook, so created a new story and replicated the path/secret and whilst it works, it's complaining that the webhook path is duplicated with another event. Changing the URL to the event in question doesn't show me the event, will it be deleted in the background at some point?
    m
    • 2
    • 6
  • t

    thankful-potato-8143

    05/25/2022, 10:09 PM
    Hi, I had an msgraph integration that was working but now I'm getting a 401. I checked the credentials and I got a log-in prompt. I entered my creds and got this
    a
    • 2
    • 5
  • r

    red-caravan-3691

    05/25/2022, 10:52 PM
    Hey Community! https://www.tines.com/blog/chatbots-for-security-and-it-teams-part-3-creating-a-slack-chatbot in this example (Slash Commands), is the Slack Webhook URL entry corresponding to the Tines Story Webhook Action (I assume/99% certain)?
    g
    • 2
    • 1
  • g

    gray-wall-69994

    05/26/2022, 6:41 PM
    Hey all, anyone know what the size limit is for a resource list?
    m
    • 2
    • 1
  • s

    straight-judge-35557

    05/27/2022, 7:46 AM
    How to access the value in a dictionary object with a special character in one of the keys, {"addr.local":"ip-172-16-1-1:88"}, in Tines? Tried |>get(%,["addr.local"]) with no luck.
    m
    b
    • 3
    • 24
  • g

    green-architect-4647

    05/27/2022, 3:15 PM
    Is there an easy way to take an existing action and create a template from it? Currently I'm copying the action, extracting the `options` with some find/replace to unescape the `"`s and then pasting into the template UI.
    g
    a
    • 3
    • 6
  • m

    miniature-crayon-82650

    06/02/2022, 2:31 PM
    I am brand-new to Tines. I’m not a programmer. I think there might be opportunities to incorporate logic into my stories with triggers and event transforms but I am not skilled in how to edit them. I have accessed Tines documentation but I cannot seem to find anything that resonates with me. I am attempting to write stories for a non-security related use case. My goal is to use my stories to enroll customers in fictitious training from Contoso Education. I’m wondering how to incorporate logic into my stories. For example, how to get user name, course name, course date added to automated emails. A second example would be redacting user passwords when emails are sent to the operations team. Annotations for each of my stories are described below: New Contoso Education Account The goal of this story is to establish a new Contoso Education account. To enroll in a course, students that want to take Contoso training must have an account in the LMS in order to enroll in a course. To establish an account, prospective students must complete the form associated with this story. The new account story should generate a unique user ID and a confirmation email with login credentials (which are captured in the form associated with this story.) The registration email, with a redacted user password, would also be sent to the fictional Contoso Education Operations team. Contoso Education Enrollment Form This story aims to enroll a person in a training course. To enroll in a course, you must have an account in the LMS. If this is the first time the student is enrolling in a Contoso course, the new account story should run, then redirect the student back to the course enrollment story. To complete enrollment in a course, the student must complete the form associated with this story. After enrolling in a course, students will be sent a confirmation email. The fictional Contoso Education Operations team will also receive a copy of the enrollment email. 
(Presumably, another story preparing the student's training materials and lab access credentials would run and be sent to the student on the start date for their training.) Am I being too ambitious? Thanks for your insights!
    g
    g
    • 3
    • 9
  • a

    ancient-flower-50991

    06/02/2022, 5:59 PM
    Hi all! I've been tinkering with google automation and keep on getting 401 responses with our service account; I figure there's a simple thing I'm overlooking. Are there any pages or reference material I could look to for configuring and referencing credentials such as with google?
    g
    • 2
    • 2
  • r

    red-caravan-3691

    06/03/2022, 10:10 PM
    Hey all! Has anyone pulled Sumo Logic User lists and used Event Transformations to Explode the content? Getting:
    Value at <X> is not an array or does not exist
    As the return output is a huge list which is sub-divided into Arrays containing JSON, kinda like:
    {
      "get_a_list_of_users_in_sumo_logic": {
        "body": {
          "data": [
            {
              "firstName": "X",
              "lastName": "X",
              "email": "X",
              "roleIds": [],
              "createdAt": "X",
              "createdBy": "X",
              "modifiedAt": "X",
              "modifiedBy": "X",
              "id": "X",
              "isActive": true,
              "isLocked": false,
              "isMfaEnabled": false,
              "lastLoginTimestamp": "X"
            },
    Followed by the next user etc. I'm not sure if I am using Explode correctly here
    m
    • 2
    • 10
  • r

    red-daybreak-70524

    06/04/2022, 2:03 PM
    Is there a native way to generate a UUID? Could this be a custom formula? Currently using https://www.uuidgenerator.net/api
    m
    a
    b
    • 4
    • 7
  • m

    millions-market-59432

    06/10/2022, 4:47 PM
    Simple question here: for failed actions, is there an easy way to see the outgoing payload? Many APIs do not give friendly responses when payloads are malformed
    m
    • 2
    • 5
  • t

    thankful-potato-8143

    06/13/2022, 4:23 PM
    Adding some error handling - are triggers the best way to handle error codes?
    f
    m
    • 3
    • 6
  • r

    red-caravan-3691

    06/14/2022, 3:31 PM
    Hey Gang! Does anyone have any experience with getting OAUTH tokens from JamF API?
    a
    • 2
    • 16
  • r

    red-caravan-3691

    06/14/2022, 3:37 PM
    Does anyone also have an already-built action for disabling user account in Google Suite?
    g
    e
    • 3
    • 4
  • m

    modern-farmer-99434

    06/20/2022, 11:32 AM
    Hi Moustapha - is the event correctly encoded i.e. if you put it into https://www.base64decode.org does it decode correctly?
    f
    • 2
    • 23
  • e

    echoing-airline-38523

    06/20/2022, 1:54 PM
    Hello everyone, hope you are all doing well. I'm trying to integrate our CrowdStrike into Tines and I'm following a guide from Tines itself but it isn't working. Is there someone that already has done this? Thank you in advance
    m
    r
    • 3
    • 5
  • d

    delightful-actor-15749

    06/21/2022, 12:40 PM
    Hello everyone, just joined this channel via a customer. Considering myself a “Tines newbie”, I’m trying to retrieve details from alerts generated by VT Hunting rules. Anybody already automated this? Any tip?
    m
    • 2
    • 1
  • f

    flat-kitchen-56993

    06/22/2022, 10:03 AM
    Hi everyone, is there any function to validate email format, like the one for IP (`IS_IP_ADDRESS`)? TBH don't really want to regex it 🙂
    m
    a
    +2
    • 5
    • 7
  • r

    rapid-appointment-74892

    06/23/2022, 6:49 PM
    Hello guys, I have a quick question for you, is it possible to use implode to generate an array with only filtered items after an explode is performed? do you have an example?
    a
    • 2
    • 2
  • f

    flat-kitchen-56993

    06/23/2022, 8:13 PM
    Hi everyone, does someone know why these functions `STORY_RUN_GUID()` and `STORY_RUN_GUID()` always return empty when I call them? I'm trying to use them in the Webhook response body.
    m
    r
    • 3
    • 14
  • r

    red-hairdresser-67741

    06/24/2022, 10:12 AM
    Hello, I am trying to create a story to which assessed emails I am using the MS graph to pull emails using the http request action. I have some logic run slip if attachments are in the email and then run another http request to get the attachment. The graph requires the following url: https://graph.microsoft.com/v1.0/me/mailFolders/inbox/messages/XXXXX/attachments. The XXXXX is a placeholder for the messageID, which I get from the original http request. My question is this: how can I get the messageID value from the original http request without the quotations surrounding the ID? Any help would be greatly appreciated.
    m
    a
    • 3
    • 7
  • f

    flat-kitchen-56993

    06/24/2022, 10:34 AM
    Hi team, I'm trying to use this functionality (Lambda as Resource). But it seems not working well. Here is a simple example I was trying and the errors I got. The resource definition of `Internal`:
    {
      "calculation": "<<LAMBDA(num, num+1)>>"
    }
    Thanks in advance for your help.
    m
    • 2
    • 1
  • m

    modern-farmer-99434

    06/28/2022, 10:48 AM
    Hi Moustapha - can you see if it works if you put it in quotes?
    f
    • 2
    • 2
  • r

    ripe-tailor-83334

    06/28/2022, 2:54 PM
    Howdy, is there a way to nest functions in as part of a json value? e.g. `object.(KEYS(object)[0])` or am I missing a simpler way to grab the first and only key out of a specific object when the actual name of the key will change from event to event
    b
    f
    m
    • 4
    • 7
  • a

    able-toddler-42129

    06/30/2022, 2:23 PM
    👋 I'm following this tutorial on getting slackbots and tines integrated (https://www.tines.com/blog/chatbots-for-security-and-it-teams-part-3-creating-a-sla[…]c=1irRQnnbGX9ks16T5Zc3IIg%3D%3D%243HnZkdQwYsx8066TVV-iCg%3D%3D), and I'm running into an issue with slash commands. where I have
    "response": "Hi {{.user_name}}! Thanks for submitting your {{.command}} request to Tines, we're analyzing now"
    but when I run the slash command, it treats
    {{.user_name}}
    as a string, so it comes out as "Hi {{.user_name}}...", am I missing something here?
    m
    • 2
    • 7
m

modern-farmer-99434

06/30/2022, 3:49 PM
Hi Zach - I think this is gonna be because we've changed from liquid to formulas. Can you try `<<.user_name>>` for example? Or even `<<.body.user_name>>` and `<<.body.command>>` cause I think it refers to how the json is being received
a

able-toddler-42129

06/30/2022, 6:21 PM
no, none of those work 🤔
ok, what did it was something like this
"response": "<< body.user_name >>"
m

modern-farmer-99434

06/30/2022, 6:54 PM
ah, sorry - I should have been clearer
and yeah, I should have removed the `.` - good shout!
I'm glad that worked
a

able-toddler-42129

06/30/2022, 6:55 PM
no worries, thanks for your help, it got me in the right direction
View count: 4