tum
/
soc


			
				
					
						
						
							123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245
							{
  "workflow_as_code": false,
  "actions": [
    {
      "app_name": "Shuffle Tools",
      "app_version": "1.2.0",
      "description": "Receive IP input from webhook payload.",
      "app_id": "0671c57b-3af6-43f7-9501-b2f916c127c8",
      "errors": [],
      "id": "b6f4c2a8-3d6d-4d1f-8c70-03d09a1e6f11",
      "is_valid": true,
      "isStartNode": true,
      "sharing": true,
      "label": "Webhook Trigger (IP Input)",
      "public": true,
      "generated": false,
      "large_image": "",
      "environment": "Shuffle",
      "name": "webhook",
      "parameters": [
        {
          "name": "source_ip",
          "value": "",
          "description": "IP address to check as IOC.",
          "required": true,
          "multiline": false,
          "multiselect": false,
          "options": null,
          "action_field": "",
          "variant": "",
          "configuration": false,
          "tags": null,
          "schema": {
            "type": ""
          },
          "skip_multicheck": false,
          "value_replace": null,
          "unique_toggled": false,
          "error": "",
          "hidden": false
        }
      ],
      "execution_variable": {
        "description": "",
        "id": "",
        "name": "",
        "value": ""
      },
      "position": {
        "x": 100,
        "y": 120
      },
      "authentication_id": "",
      "category": "",
      "reference_url": "",
      "sub_action": false,
      "run_magic_output": false,
      "run_magic_input": false,
      "execution_delay": 0,
      "category_label": null,
      "suggestion": false,
      "parent_controlled": false,
      "source_workflow": "",
      "source_execution": ""
    },
    {
      "app_name": "Shuffle Tools",
      "app_version": "1.2.0",
      "description": "Build request body for SOC IOC evaluation endpoint.",
      "app_id": "0671c57b-3af6-43f7-9501-b2f916c127c8",
      "errors": [],
      "id": "e72dcb76-a265-4da1-a0dd-2f65f558b52f",
      "is_valid": true,
      "isStartNode": false,
      "sharing": true,
      "label": "Prepare IOC Check Payload",
      "public": true,
      "generated": false,
      "large_image": "",
      "environment": "Shuffle",
      "name": "repeat_back_to_me",
      "parameters": [
        {
          "name": "call",
          "value": "{\"ioc_type\":\"ip\",\"ioc_value\":\"{{actions.b6f4c2a8-3d6d-4d1f-8c70-03d09a1e6f11.source_ip}}\",\"source_event\":{\"event_id\":\"shuffle-ip-check-sample\",\"network\":{\"src_ip\":\"{{actions.b6f4c2a8-3d6d-4d1f-8c70-03d09a1e6f11.source_ip}}\"}}}",
          "description": "Use this JSON as body for POST /mvp/ioc/evaluate in a HTTP node.",
          "required": false,
          "multiline": true,
          "multiselect": false,
          "options": null,
          "action_field": "",
          "variant": "",
          "configuration": false,
          "tags": null,
          "schema": {
            "type": ""
          },
          "skip_multicheck": false,
          "value_replace": null,
          "unique_toggled": false,
          "error": "",
          "hidden": false
        }
      ],
      "execution_variable": {
        "description": "",
        "id": "",
        "name": "",
        "value": ""
      },
      "position": {
        "x": 430,
        "y": 120
      },
      "authentication_id": "",
      "category": "",
      "reference_url": "",
      "sub_action": false,
      "run_magic_output": false,
      "run_magic_input": false,
      "execution_delay": 0,
      "category_label": null,
      "suggestion": false,
      "parent_controlled": false,
      "source_workflow": "",
      "source_execution": ""
    }
  ],
  "branches": [
    {
      "id": "branch-ip-ioc-1",
      "source": "b6f4c2a8-3d6d-4d1f-8c70-03d09a1e6f11",
      "destination": "e72dcb76-a265-4da1-a0dd-2f65f558b52f",
      "success": true,
      "label": ""
    }
  ],
  "visual_branches": null,
  "triggers": [],
  "comments": [],
  "configuration": {
    "exit_on_error": false,
    "start_from_top": false,
    "skip_notifications": false
  },
  "created": 1771470000,
  "edited": 1771470000,
  "last_runtime": 0,
  "due_date": 0,
  "id": "d2ccf0bd-bf4d-4f77-8eea-c1a65f1ea3e9",
  "is_valid": true,
  "name": "Sample - IP IOC Check Payload Builder",
  "description": "Sample Shuffle workflow JSON for IP IOC check integration. Trigger with source_ip, then pass generated JSON to HTTP POST /mvp/ioc/evaluate.",
  "start": "b6f4c2a8-3d6d-4d1f-8c70-03d09a1e6f11",
  "owner": "1050bd5b-b1bb-4c22-acfb-94156cdc0567",
  "sharing": "private",
  "execution_org": {
    "name": "default",
    "id": "03264040-f718-4a61-b9ac-61c7cac3fe99",
    "users": [],
    "role": "admin",
    "child_orgs": null,
    "region_url": "",
    "is_partner": false,
    "image": "",
    "creator_org": "",
    "branding": {
      "enable_chat": false,
      "home_url": "",
      "theme": "",
      "documentation_link": "",
      "global_user": false,
      "support_email": "",
      "logout_url": "",
      "brand_color": "",
      "brand_name": ""
    }
  },
  "org_id": "03264040-f718-4a61-b9ac-61c7cac3fe99",
  "workflow_variables": null,
  "execution_environment": "",
  "previously_saved": true,
  "categories": {
    "intel": {
      "name": "intel",
      "count": 0,
      "id": "",
      "description": "",
      "large_image": ""
    }
  },
  "example_argument": "",
  "public": false,
  "default_return_value": "",
  "contact_info": {
    "name": "",
    "url": ""
  },
  "published_id": "",
  "revision_id": "",
  "usecase_ids": null,
  "input_questions": null,
  "form_control": {
    "input_markdown": "",
    "output_yields": null,
    "cleanup_actions": null,
    "form_width": 0
  },
  "blogpost": "",
  "video": "",
  "status": "test",
  "workflow_type": "",
  "generated": false,
  "hidden": false,
  "background_processing": false,
  "updated_by": "root",
  "validated": false,
  "validation": {
    "valid": false,
    "changed_at": 0,
    "last_valid": 0,
    "validation_ran": false,
    "notifications_created": 0,
    "environment": "",
    "workflow_id": "",
    "execution_id": "",
    "node_id": "",
    "total_problems": 0,
    "errors": [],
    "subflow_apps": []
  },
  "parentorg_workflow": "",
  "childorg_workflow_ids": null,
  "suborg_distribution": [],
  "backup_config": {
    "onprem_backup": false,
    "upload_repo": "",
    "upload_branch": "",
    "upload_username": "",
    "upload_token": "",
    "tokens_encrypted": false
  },
  "auth_groups": null
}