https://tines.com/ logo
Join Slack
Powered by
# community-help
  • p

    prehistoric-byte-67742

    11/27/2021, 3:48 PM
    I want to skip a schedule that runs every day under certain conditions. How can I implement this? 🤔 • There is a scheduled HTTP request that will be executed at 9:30AM every day. A) Executed a little earlier at 9:10 am from a Slack slash command → Skip the HTTP request that will be executed at 9:30 am that day B) As usual → automatically executed at 9:30 am
    m
    r
    • 3
    • 6
  • r

    red-caravan-3691

    12/09/2021, 10:00 PM
    Hey @rough-artist-60672 Sorry, I forgot to add earlier - Dry run is great as you can see the response, but I am getting a 404 and trying to work out why.. is there anyway for me to see my formulated executed payload?
    m
    • 2
    • 9
  • s

    shy-wire-13053

    01/25/2022, 4:35 PM
    Quick question. I have an action that returns a list of tags, and then a second action that pulls in all of the details for the tags. Is there a way that I can iterate through either one to combine them to show the detailed information for the tags returned for a given IP?
    r
    m
    • 3
    • 7
  • e

    elegant-machine-17590

    02/12/2022, 5:33 PM
    Getting back into Tines after about 8 months away - is there a point where a community tenant gets blown away? Trying to log in and I'm not seeing any tenants. Tried to create a new one and they don't exist. Not sure if I'm stuck in some sort of inactivity limbo?
    b
    • 2
    • 1
  • n

    narrow-rocket-50910

    02/15/2022, 11:25 PM
    Having trouble with the creation of a jira ticket. I am attempting have it check if I have configured a user for an assignee, if so add user as assignee. If no user is configured I would like it to go unassigned. • After some research I was able to determine that if the assignee is null then it will leave the ticket unassigned • Issue, if you have the action configured to accept an assignee, the actual structure of needs to be altered for it to be considered "null". For example: This will return a 400 "Specify a valid value for assignee":
    Copy code
    "assignee": {
        "id": ""
    }
    But this will return a 200 and create the ticket with a user unassigned:
    Copy code
    "assignee": {}
    I know I can easily get around this by creating two different HTTP Actions and a Trigger, but was wondering if there may be a better way to do this.? This is what I was working with so you get an idea of what I was going for:
    Copy code
    "assignee": {
            "id": "{% assign accountEmail = .list_users_in_jira.body.first.emailAddress %}{% if .extract_configuration.config_object.jira_rcpt == accountEmail %}{{ .list_users_in_jira.body.first.accountId}}{% else %}{% endif %}"
          }
    m
    g
    +2
    • 5
    • 11
  • r

    red-caravan-3691

    02/17/2022, 12:10 AM
    Has anyone enhanced the fantastic story “Crowdstrike Response Blog” with a filter of detections by severity at all? Including “`{`
    "limit": "10",
    "sort": "first_behavior|desc",
    "filter": "severity:'High'"
    `}`” within the payload yields blank results (also tried case-sensitive) Amending the called URL directly via “`/detections?filter=severity%3A%27High%27%2Bseverity%3A%27Critical%27%2Bseverity%3A%27Medium%27&groupBy=none&sortBy=date%3Adesc`” gives a “Validation Error” If possible, I’d prefer to do this in the payload so I can take this example and learn for next time
    a
    b
    • 3
    • 12
  • a

    abundant-pilot-90646

    03/02/2022, 5:42 PM
    Hello, Has anyone used the List IAM Users request in AWS? I am curious if you are able to apply parameters to the request so it only lists users form certain groups, and also if there is a way to list policies for users.
    m
    • 2
    • 9
  • b

    big-jewelry-40968

    03/02/2022, 7:14 PM
    Hi! Has anyone tried automatically exporting Stories to an S3 bucket? I just wanna know what data to pass on with the request. Thanks@
    m
    • 2
    • 2
  • r

    red-caravan-3691

    03/03/2022, 4:58 AM
    Hello world! Has anyone got any examples or luck using Triggers that are looking for
    within X number of days from now
    or
    within the past X number of days until now
    I know this example (
    "now" | date: "%Y-%m-%d"
    ) is equal to today Hope this makes sense. TY!
    r
    m
    • 3
    • 10
  • a

    alert-apple-51290

    03/05/2022, 5:20 PM
    Has anybody had success using the Airtable public templates? I've given it a try but keep getting a 404 error. This even happens when using the basic "List Bases in Airtable" which has a pre-defined URL (https://api.airtable.com/v0/meta/bases). Any thoughts on how I can best troubleshoot this? TIA
    m
    • 2
    • 3
  • d

    delightful-iron-88953

    03/09/2022, 1:23 AM
    Looking for an assist on Crowdstrike, reference the Tine Blog
    r
    • 2
    • 6
  • d

    delightful-iron-88953

    03/09/2022, 3:40 AM
    Need another assist - again referencing the Crowdstrike Blog, attempting to build the resource
    crowdstrike_api
    - the error is invalid URL
    m
    • 2
    • 6
  • g

    gentle-carpet-19118

    03/10/2022, 3:24 PM
    Hi, I am trying to work with the GitHub API. Proper throttling aside, I am having issues paginating the api. An example url I need to call would be https://api.github.com/orgs/myorg/repos?per_page=100&page=0. I need a way to increment the page counter. I can check the output of the request to see if it still has data, I just can't find a way to actually increase the page number.
    m
    m
    • 3
    • 4
  • g

    green-architect-4647

    03/11/2022, 12:41 PM
    Asking for a friend, is there a way to get all message for all users via the Gmail API? The
    users.messages.list
    route requires a UserId. Maybe creating a company wide group that receives a copy of every email?
    a
    • 2
    • 2
  • h

    helpful-jordan-62716

    03/14/2022, 4:37 PM
    Hello - a quick question. Is there a way to get a server session in Tines and reuse this for later HTTP requests? So basically what I'd be doing like this in python:
    Copy code
    login_url = self.base_url.format(server=server, port=port) + "/login.html"
            session = requests.session()
            login_response = <http://session.post|session.post>(login_url, data=data, verify=True, headers=headers)
    Thank you 🙂
    m
    b
    • 3
    • 6
  • s

    silly-finland-71256

    03/15/2022, 11:07 AM
    Let’s say I want to include a trigger for a JSON value that should never be there, but want to trigger something if it does appear, how do I set that up? Because including a trigger for that particular variable doesn’t work, since the trigger rules don’t match and thus it won’t emit anything.
    • 1
    • 1
  • g

    green-architect-4647

    03/17/2022, 1:59 PM
    Any tips on using
    jsonparse
    with spaces? From the VirusTotal API I want to enumerate the Alexa and Umbrella ranks. Using
    search_for_domain_address_in_virustotal.body.data.attributes.popularity_ranks | jsonpath: "Alexa.rank"
    works fine and returns
    1
    , but
    search_for_domain_address_in_virustotal.body.data.attributes.popularity_ranks | jsonpath: "Cisco Umbrella.rank"
    returns the whole JSON dict. Only difference is the space? Testing with https://jsonpath.com/ it also works so I can't understand why.
    g
    • 2
    • 2
  • r

    rapid-king-38539

    03/24/2022, 3:45 PM
    This is more of a Slack question than a Tines one, I think, but maybe someone else has run in to the same problem. I'm using
    chat.postMessage
    to post a message to an IM session between a chatbot and a user. That works fine, and I get back a channel ID and a timestamp on the message sent. I then try
    chat.update
    with that channel ID and timestamp, trying to update the message, and it invariably returns a
    message_not_found
    . Has anyone successfully done a
    postMessage
    followed by an
    update
    within a Tines story?
    g
    • 2
    • 3
  • t

    thankful-potato-8143

    03/24/2022, 4:31 PM
    Noob here - I’m trying to get the unique values for the strings inside the red box
    r
    m
    • 3
    • 42
  • r

    rapid-king-38539

    03/24/2022, 7:53 PM
    I'm trying to assemble a send-to-story around prompting a user to respond to something via Slack, and then catching their response. The whole process works except for returning the results to the original Send To Story action. This may be because there's two web hooks involved - one to receive the StS event, and another to get the response from Slack. They aren't connected, so I'm assuming there's some metadata that needs to propagate between them to associate the events with the StS action. Is this documented anywhere?
    m
    • 2
    • 4
  • t

    thankful-potato-8143

    03/28/2022, 3:55 PM
    Is there a tutorial for connecting Tines to Jamf?
    m
    • 2
    • 13
  • g

    gray-wall-69994

    03/31/2022, 1:25 PM
    Has anyone set up/hosted EDLs on Tines for proactive blocking to firewalls? e.g. Palo Alto
    a
    • 2
    • 9
  • a

    agreeable-ram-12207

    04/05/2022, 9:52 PM
    Hello, I am trying to see if I can be assisted with clearing all logs that have been stored in any tines systems in reference to two stories created in our accounts, along with any information about potential access to these logs from outside of our org
    m
    • 2
    • 1
  • r

    red-caravan-3691

    04/07/2022, 9:22 PM
    Hey Team! Anyone else having issues importing story (specifically) Get more context via GuardDuty to remediate AWS alerts? Shows as blank.. TYIA!
    s
    a
    • 3
    • 9
  • c

    creamy-lawyer-45588

    04/08/2022, 1:57 PM
    Hey everyone, could use some points on transforming an API response into a subset of data I want to use for a next step. I basically have a large JSON response, and I want to pull out objects from that response where one of the values matches. Here is an example: I want to pull any object where the created_at date is today. Any gudiance?
    Copy code
    {
      "metadata": [
        {
          "id": "0fcdd87b-258d-44dd-8d34-47818732e8e4",
          "label": "MAILBOX_BRUTEFORCER",
          "slug": "mailbox-bruteforcer",
          "name": "Mailbox Bruteforcer",
          "category": "activity",
          "intention": "malicious",
          "description": "This IP address has been observed attempting to bruteforce POP3 and IMAP usernames and passwords.",
          "references": [],
          "recommend_block": true,
          "cves": [],
          "created_at": "2020-04-07",
          "related_tags": null
        },
        {
          "id": "98f9ab2d-3eb1-4292-8232-2eb164b58aa9",
          "label": "NETGAIN_EM_CMD_INJECTION",
          "slug": "netgain-em-cmd-injection",
          "name": "NetGain EM Command Injection",
          "category": "activity",
          "intention": "malicious",
          "description": "This IP address has been seen attempting to use a command injection vulnerability in some versions of NetGain Enterprise Manager.",
          "references": [
            "<https://www.exploit-db.com/exploits/41499>"
          ],
          "recommend_block": true,
          "cves": [],
          "created_at": "2020-04-07",
          "related_tags": null
        },
    r
    m
    • 3
    • 5
  • c

    creamy-lawyer-45588

    04/08/2022, 5:28 PM
    When scheduling a step to run at a specific time each day, is the selected time in UTC?
    s
    m
    • 3
    • 13
  • t

    thankful-potato-8143

    04/11/2022, 3:40 PM
    Does Tines treat emitted events from HTTP requests differently than webhooks? I’m using the same approach to parse the JSON fields/data from a webhook emitted event and it’s not reading the fields.
    m
    • 2
    • 2
  • a

    alert-machine-38213

    04/11/2022, 5:43 PM
    Hi all, really new at this, I’m finding this is an incredible tool! I see that there’s a Google delete user template. I’m looking to trigger a Google suspend user action. Can anyone 👀 at this json code and point me in the right direction? 🙏
    Copy code
    {
      "url": "<https://www.googleapis.com/admin/directory/v1/users/{{userkey}}>",
      "content_type": "json",
      "method": "post",
      "payload": {
        "primaryEmail": "{{user@yourcompany.com}}",
        },
      "suspended": true,
      "headers": {
        "Authorization": "Bearer {{.CREDENTIAL.google_oauth}}"
      }
    }
    m
    b
    • 3
    • 4
  • g

    gray-diamond-18991

    04/20/2022, 1:54 PM
    I’m trying to match an event to a regex, and I’m not sure why it isn’t matching. For example here’s this event with
    rec_id
    “LW_S3_1”, which I think should match. Do you see what I mean? What could be missing here? Thx!
    m
    • 2
    • 4
  • a

    adorable-photographer-66555

    04/21/2022, 5:53 PM
    First, hold down
    Cmd/Ctrl
    and drag to multi-select all actions. Then if you click on the little keyboard icon in the bottom-right hand corner of the storyboard there's an option to auto-layout which will handle this for you
    t
    • 2
    • 1
12Latest