Adnan Tariq This workflow corresponds to n8n.io template #6411 β we link there as the canonical source.
This workflow follows the Google Sheets β HTTP Request recipe pattern β see all workflows that pair these two integrations.
The workflow JSON
Copy or download the full n8n JSON below. Paste it into a new n8n workflow, add your credentials, activate. Full import guide β
{
"id": "H2HCZMMXmK78wDkA",
"name": "M3 - Endpoint Risk Aggregator",
"tags": [],
"nodes": [
{
"id": "14fe3db0-79b1-48f7-b511-cf9673606a8d",
"name": "\u23f0 Cron Trigger \u2013 Daily",
"type": "n8n-nodes-base.cron",
"position": [
0,
0
],
"parameters": {},
"typeVersion": 1
},
{
"id": "6bc84d47-2c24-4f8e-ac67-bd0791073866",
"name": "\ud83d\udee1 Get EDR Logs",
"type": "n8n-nodes-base.httpRequest",
"position": [
220,
0
],
"parameters": {},
"typeVersion": 1
},
{
"id": "47589ec4-9d8f-48b6-aa02-8cb9ec2bf26c",
"name": "\ud83d\uddc3 Get File Integrity Logs",
"type": "n8n-nodes-base.httpRequest",
"position": [
220,
400
],
"parameters": {},
"typeVersion": 1
},
{
"id": "68d90599-7f4e-43dd-b603-0a62228adb3a",
"name": "\ud83e\uddec Get Vulnerability Data",
"type": "n8n-nodes-base.httpRequest",
"position": [
220,
200
],
"parameters": {},
"typeVersion": 1
},
{
"id": "80f9847c-87fc-4e22-a2c5-8bec50b9be91",
"name": "\ud83d\udd00 Merge Endpoint Signals",
"type": "n8n-nodes-base.merge",
"position": [
420,
140
],
"parameters": {},
"typeVersion": 1
},
{
"id": "e4a1d4c4-f9cb-48e4-8532-0d15a76860f0",
"name": "\ud83d\udd00 Merge + FIM Logs",
"type": "n8n-nodes-base.merge",
"position": [
420,
360
],
"parameters": {},
"typeVersion": 3.1
},
{
"id": "ecf40cba-8067-428b-a780-d7e56d7397c1",
"name": "\ud83e\udde0 Risk Score Calculator",
"type": "n8n-nodes-base.function",
"position": [
220,
580
],
"parameters": {},
"typeVersion": 1
},
{
"id": "dae4094a-6907-4183-ba11-8c433d4c1356",
"name": "Google Sheets",
"type": "n8n-nodes-base.googleSheets",
"position": [
420,
580
],
"parameters": {},
"typeVersion": 4.5
},
{
"id": "767a6b21-e2a6-4c16-ba73-ee40d4c91770",
"name": "Sticky Note",
"type": "n8n-nodes-base.stickyNote",
"position": [
-340,
220
],
"parameters": {
"content": ""
},
"typeVersion": 1
}
],
"active": false,
"settings": {
"executionOrder": "v1"
},
"versionId": "1a3b8c62-b45a-40b8-a216-ca2523bcb866",
"connections": {
"\ud83d\udee1 Get EDR Logs": {
"main": [
[
{
"node": "\ud83d\udd00 Merge Endpoint Signals",
"type": "main",
"index": 0
}
]
]
},
"\ud83d\udd00 Merge + FIM Logs": {
"main": [
[
{
"node": "\ud83e\udde0 Risk Score Calculator",
"type": "main",
"index": 0
}
]
]
},
"\u23f0 Cron Trigger \u2013 Daily": {
"main": [
[
{
"node": "\ud83d\udee1 Get EDR Logs",
"type": "main",
"index": 0
}
]
]
},
"\ud83e\udde0 Risk Score Calculator": {
"main": [
[
{
"node": "Google Sheets",
"type": "main",
"index": 0
}
]
]
},
"\ud83d\udd00 Merge Endpoint Signals": {
"main": [
[
{
"node": "\ud83d\udd00 Merge + FIM Logs",
"type": "main",
"index": 0
}
]
]
},
"\ud83e\uddec Get Vulnerability Data": {
"main": [
[
{
"node": "\ud83d\udd00 Merge Endpoint Signals",
"type": "main",
"index": 1
}
]
]
},
"\ud83d\uddc3 Get File Integrity Logs": {
"main": [
[
{
"node": "\ud83d\udd00 Merge + FIM Logs",
"type": "main",
"index": 1
}
]
]
}
}
}
For the full experience including quality scoring and batch install features for each workflow upgrade to Pro
About this workflow
π€ Who itβs for Security teams, SOC analysts, and small-to-mid IT teams looking to automatically assess endpoint risk by combining known vulnerabilities with internal asset value and dynamic threat indicators.
Source: https://n8n.io/workflows/6411/ β original creator credit. Request a take-down β
More Data & Sheets workflows β Β· Browse all categories β
Related workflows
Workflows that share integrations, category, or trigger type with this one. All free to copy and import.
This workflow automates video distribution to 9 social platforms simultaneously using Blotato's API. It includes both a scheduled publisher (checks Google Sheets for videos marked "Ready") and a subwo
YogiAI. Uses googleSheets, googleSheetsTool, httpRequest, stopAndError. Scheduled trigger; 61 nodes.
This workflow monitors Google Calendar for events indicating that a customer will visit the company today or the next day, retrieves the required details, and sends reminder notifications to the relev
ofn hook v0.24.0 beta. Uses start, httpRequest, functionItem, itemLists. Scheduled trigger; 42 nodes.
Security teams, DevOps engineers, vulnerability analysts, and automation builders who want to eliminate repetitive Nessus scan parsing, AI-based risk triage, and manual reporting. Designed for orgs fo