Back to Integrations
integration integration
integration TheHive node

Integrate TheHive with 500+ apps and services

Unlock TheHive’s full potential with n8n, connecting it to similar Development apps and over 1000 other services. Automate productivity workflows by scheduling tasks, managing project timelines, and tracking progress across platforms. Create adaptable and scalable workflows between TheHive and your stack. All within a building experience you will love.

Create workflows with TheHive integrations

799 integrations
Sort by:
Popularity
NameOldestNewest

Popular ways to use TheHive integration

HTTP Request node
TheHive node
Item Lists node
+4

Weekly Shodan Query - Report Accidents

This n8n workflow, which runs every Monday at 5:00 AM, initiates a comprehensive process to monitor and analyze network security by scrutinizing IP addresses and their associated ports. It begins by fetching a list of watched IP addresses and expected ports through an HTTP request. Each IP address is then processed in a sequential loop. For every IP, the workflow sends a GET request to Shodan, a renowned search engine for internet-connected devices, to gather detailed information about the IP. It then extracts the data field from Shodan's response, converting it into an array. This array contains information on all ports Shodan has data for regarding the IP. A filter node compares the ports returned from Shodan with the expected list obtained initially. If a port doesn't match the expected list, it is retained for further processing; otherwise, it's filtered out. For each such unexpected port, the workflow assembles data including the IP, hostnames from Shodan, the unexpected port number, service description, and detailed data from Shodan like HTTP status code, date, time, and headers. This collected data is then formatted into an HTML table, which is subsequently converted into Markdown format. Finally, the workflow generates an alert in TheHive, a popular security incident response platform. This alert contains details like the title indicating unexpected ports for the specific IP, a description comprising the Markdown table with Shodan data, medium severity, current date and time, tags, Traffic Light Protocol (TLP) set to Amber, a new status, type as 'Unexpected open port', the source as n8n, a unique source reference combining the IP with the current Unix time, and enabling follow and JSON parameters options. This comprehensive workflow thus aids in the proactive monitoring and management of network security.
n8n-team
n8n Team
Webhook node
SIGNL4 node
TheHive node

Send TheHive Alerts Using SIGNL4

This sample workflow allows you to forward alerts from TheHive 5 to SIGNL4 in order to send reliable alerts to your team. There are two nodes for testing the TheHive connection ("TheHive Read Alerts" and "TheHive Create Alert"). The node "TheHive Webhook Request" will receive requests for new alerts from TheHive. You need to configure the webhook and the notifications in TheHive accordingly. The node "SIGNL4 Send Alert" sends the alert to SIGNL4 and the node "SIGNL4 Resolve Alert" will close the alert in SIGNL4 in case it has been closed in TheHive.
rons4
Ron
Cortex node
TheHive node

Analyze emails with S1EM

With workflow, you analyze Email with TheHive/Cortex https://github.com/V1D1AN/S1EM/wiki/Soar-guide
v1d1an
v1d1an

Supported Actions

Create
Create task log
Execute Responder
Execute a responder on a selected log
Get Many
Get many task logs
Get
Get a single log
TheHive node

About TheHive

TheHive is a powerful scalable open-source and free security incident response platform. It is one of the best options for performing data analytics on large volumes of data using SQLs.

Related categories

Similar integrations

  • MySQL node
  • Postgres node
  • GitHub node
  • MongoDB node
  • Microsoft SQL node
  • GraphQL node
  • Redis node
  • Jira Software node
  • AWS S3 node
  • Twilio node
Use case

Save engineering resources

Reduce time spent on customer integrations, engineer faster POCs, keep your customer-specific functionality separate from product all without having to code.

Learn more

Over 3000 companies switch to n8n every single week

Connect TheHive with your company’s tech stack and create automation workflows

FAQ about TheHive integrations

  • How can I set up TheHive integration in n8n?

      To use TheHive integration in n8n, start by adding the TheHive node to your workflow. You'll need to authenticate your TheHive account using supported authentication methods. Once connected, you can choose from the list of supported actions or make custom API calls via the HTTP Request node, for example: to set up TheHive integration in n8n, begin by adding the TheHive node to your workflow. Authenticate your TheHive account using the available methods, then select from the supported actions or utilize the HTTP Request node for custom API calls. This allows for seamless interaction between n8n and TheHive functionalities.

  • Do I need any special permissions or API keys to integrate TheHive with n8n?

  • Can I combine TheHive with other apps in n8n workflows?

  • What are some common use cases for TheHive integrations with n8n?

  • How does n8n’s pricing model benefit me when integrating TheHive?

We're using the @n8n_io cloud for our internal automation tasks since the beta started. It's awesome! Also, support is super fast and always helpful. 🤗

in other news I installed @n8n_io tonight and holy moly it’s good

it’s compatible with EVERYTHING

Last week I automated much of the back office work for a small design studio in less than 8hrs and I am still mind-blown about it.

n8n is a game-changer and should be known by all SMBs and even enterprise companies.

Implement complex processes faster with n8n

red icon yellow icon red icon yellow icon