PRISM弹性告警通知 - 通过Microsoft Graph API
中级
这是一个IT Ops, SecOps领域的自动化工作流,包含 7 个节点。主要使用 If, HttpRequest, SplitInBatches, ScheduleTrigger 等节点。 PRISM弹性告警通知 - 通过Microsoft Graph API
前置要求
- •可能需要目标 API 的认证凭证
工作流预览
可视化展示节点连接关系,支持缩放和平移
导出工作流
复制以下 JSON 配置到 n8n 导入,即可使用此工作流
{
"nodes": [
{
"id": "e4929773-39f9-4b8a-b462-235c37514479",
"name": "获取 Elastic 警报",
"type": "n8n-nodes-base.httpRequest",
"position": [
620,
440
],
"parameters": {
"url": "https://your-prism-elastic-api-endpoint.com/alerts",
"options": {}
},
"typeVersion": 2
},
{
"id": "973a8254-5ec0-4ea0-95b5-7e6a0f0625ab",
"name": "发送邮件通知",
"type": "n8n-nodes-base.httpRequest",
"position": [
1440,
220
],
"parameters": {
"url": "https://graph.microsoft.com/v1.0/me/sendMail",
"options": {
"bodyContentType": "json"
},
"requestMethod": "POST",
"authentication": "oAuth2",
"jsonParameters": true,
"bodyParametersJson": "={\n \"message\": {\n \"subject\": \"PRISM Elastic Alert: {{$json[\"alert_name\"]}}\",\n \"body\": {\n \"contentType\": \"HTML\",\n \"content\": \"Hello,<br><br>An alert has been triggered:<br><strong>Alert Name:</strong> {{$json[\"alert_name\"]}}<br><strong>Severity:</strong> {{$json[\"severity\"]}}<br><strong>Timestamp:</strong> {{$json[\"timestamp\"]}}<br><br>Details:<br>{{$json[\"alert_message\"]}}<br><br>Regards,<br>PRISM Alert System\"\n },\n \"toRecipients\": [\n {\n \"emailAddress\": {\n \"address\": \"user@example.com\"\n }\n }\n ]\n },\n \"saveToSentItems\": \"true\"\n}"
},
"typeVersion": 2
},
{
"id": "f7f4feee-6854-4997-ae15-870cab4abdbb",
"name": "计划触发器",
"type": "n8n-nodes-base.scheduleTrigger",
"position": [
380,
440
],
"parameters": {
"rule": {
"interval": [
{}
]
}
},
"typeVersion": 1.2
},
{
"id": "b8578c55-a052-43f2-9d6a-24d8084dae8a",
"name": "响应不为空",
"type": "n8n-nodes-base.if",
"position": [
840,
440
],
"parameters": {
"options": {}
},
"typeVersion": 2.1
},
{
"id": "664216e6-c212-4f4b-8b09-60675c4fcd91",
"name": "无操作,不执行任何动作",
"type": "n8n-nodes-base.noOp",
"position": [
1100,
680
],
"parameters": {},
"typeVersion": 1
},
{
"id": "bcead903-56ed-4ae8-bff9-cec274b2fe71",
"name": "遍历每个警报项",
"type": "n8n-nodes-base.splitInBatches",
"position": [
1100,
200
],
"parameters": {
"options": {}
},
"typeVersion": 3
},
{
"id": "a5e55903-a245-4d70-88e7-14c1f18cde25",
"name": "无操作,循环结束",
"type": "n8n-nodes-base.noOp",
"position": [
1440,
0
],
"parameters": {},
"typeVersion": 1
}
],
"pinData": {},
"connections": {
"Schedule Trigger": {
"main": [
[
{
"node": "Get PRISM Elastic Alert",
"type": "main",
"index": 0
}
]
]
},
"Response is not empty": {
"main": [
[
{
"node": "Loop Over Each Alert Items",
"type": "main",
"index": 0
}
],
[
{
"node": "No Operation, do nothing",
"type": "main",
"index": 0
}
]
]
},
"Get PRISM Elastic Alert": {
"main": [
[
{
"node": "Response is not empty",
"type": "main",
"index": 0
}
]
]
},
"Send Email Notification": {
"main": [
[
{
"node": "Loop Over Each Alert Items",
"type": "main",
"index": 0
}
]
]
},
"Loop Over Each Alert Items": {
"main": [
[
{
"node": "No Operation, end of loop",
"type": "main",
"index": 0
}
],
[
{
"node": "Send Email Notification",
"type": "main",
"index": 0
}
]
]
}
}
}常见问题
如何使用这个工作流?
复制上方的 JSON 配置代码,在您的 n8n 实例中创建新工作流并选择「从 JSON 导入」,粘贴配置后根据需要修改凭证设置即可。
这个工作流适合什么场景?
中级 - IT 运维, 安全运维
需要付费吗?
本工作流完全免费,您可以直接导入使用。但请注意,工作流中使用的第三方服务(如 OpenAI API)可能需要您自行付费。
相关工作流推荐
使用n8n和API自动化GitLab合并请求
使用n8n和API自动化GitLab合并请求
If
Set
Wait
+3
10 节点Aditya Gaur
工程
🌍 AI WhatsApp翻译器 + 语音转录器与HubSpot集成
基于OpenAI Whisper和GPT-4的多语言WhatsApp翻译器,集成HubSpot
If
N8n
Set
+18
107 节点Amanda Benks
其他
审核Google Drive文件权限以进行访问控制管理
审核Google Drive文件权限以进行访问控制管理
Set
Gmail
Filter
+8
19 节点Jimleuk
IT 运维
SSL到期提醒
使用SSL-Checker.io的SSL到期提醒
If
Gmail
Http Request
+3
12 节点Vishal Kumar
开发运维
使用GPT-4.1、Outlook和Mem.ai自动化Microsoft Teams会议分析
使用GPT-4.1、Outlook和Mem.ai自动化Microsoft Teams会议分析
If
Set
Code
+19
61 节点Wayne Simpson
人力资源
使用Nuclei和Project Discovery的漏洞赏金项目自动CVE扫描
使用Nuclei和Project Discovery的漏洞赏金项目自动CVE扫描
If
Set
Ssh
+9
32 节点Javier Rieiro
安全运维
