@import url("https://fonts.googleapis.com/css2?family=Inter:wght@200;300;400;500;600;700;800;900&family=Roboto:ital,wght@0,300;0,400;0,500;0,900;1,300;1,400;1,500;1,700&display=swap");

@font-face {
  font-family: 'Nacelle';
  src: url('https://cdn.prod.website-files.com/62000f475eba4d3330543f5b/652d7a00b58f4090a56b69d4_Nacelle-SemiBold.otf') format('opentype');
  font-weight: 600;
  font-style: normal;
  font-display: swap;
}

:root {
  --dark-mode-aware-p-color-alt : rgba(0, 0, 0, 0.50);
  --dark-mode-aware-dark-background-color: #1A283B;
  --dark-mode-aware-dark-border-color: #666;
  --dark-mode-aware-dark-text-color: #eee;
  --dark-mode-aware-dark-wrapper-background-color: #364150;
  --dark-mode-aware-dark-link-color: #ffffff;
  --dark-mode-aware-keybpoard-shortcut: "rgba(18, 18, 18, 0.85)";
  --hero-background-image-light: url("https://mintlify.s3.us-west-1.amazonaws.com/blinkops-2/img/HeroLightV.svg");
  --hero-background-image-dark: url("https://mintlify.s3.us-west-1.amazonaws.com/blinkops-2/img/HeroDark.svg");
  --landing-page-image-light: url("https://mintlify.s3.us-west-1.amazonaws.com/blinkops-2/img/Hero.svg");
  --landing-page-image-dark: url("https://mintlify.s3.us-west-1.amazonaws.com/blinkops-2/img/HeroDark.svg");
}

h1,
h2,
h3,
h4 {
  font-family: 'Roboto';
  letter-spacing: normal !important;
}

.hero-text h1{
  font-family: "Roboto";
  font-size: 60px;
  font-style: normal;
  font-weight: 800;
  line-height: 63px;
  letter-spacing: 2.4px;
}

.hero-text h3{
  font-family: "Roboto";
  text-align: center;
  font-size: 24px;
  font-style: normal;
  font-weight: 500;
  line-height: 25.2px;
  letter-spacing: 0.96px;
}

.background-image{
 background-image: var(--landing-page-image-light);
 height: 330px;
 -webkit-background-size: cover;
 -moz-background-size: cover;
 -o-background-size: cover;
 background-size: cover;
 position: relative;
 width: 100%; 
 display: flex; 
 align-items: center;
 justify-content: center;
 overflow: hidden;
}

.dark .background-image{
  background-image: var(--landing-page-image-dark);
}

.paragraph-block{
  text-align: start;
  text-wrap:inherit;
}

.paragraph{
  display: block;
  margin-block-start: 0.5em;
  margin-block-end: 1em;
  margin-inline-start: 0px;
  margin-inline-end: 0px;
  unicode-bidi: isolate;
  font-family: Roboto;
  font-size: 28px;
  font-style: normal;
  font-weight: 400;
 line-height: normal;
 color: var(----dark-mode-aware-p-color)
}

.dark .paragraph{
  color: #ffffff;
}

.iframe {
  height: 800px;
  width: 100%;
}

.iframe-wrapper {
  display: unset;
}

.iframe-media {
  display: none;
}

.hero {
  display: flex;
  flex-direction: row;
  flex-wrap: wrap;
  align-items: center;
  justify-content: space-evenly;
  text-align: center;
  padding: 2rem, 2rem, 2rem, 2rem;
  background-image: var(--hero-background-image-light);
  height: 326px;
  -webkit-background-size: cover;
  -moz-background-size: cover;
  -o-background-size: cover;
  background-size: cover;
}

.dark .hero {
  background-image: var(--hero-background-image-dark);
}


.hero-content {
  display: flex;
  flex-direction: column;
  align-items:flex-start;
  margin-bottom: 1rem;
}

.hero h1 {
  font-size: 2.5rem;
  font-weight: bold;
  margin-bottom: 1.5rem;
  color: black;
}

.search-bar {
  display: flex;
  align-items: center;
  background: transparent;
  border: 1px solid #d6d8db;
  border-radius: 0.5rem;
  overflow: hidden;
}

.search-bar input {
  border: none;
  padding: 0.75rem 1rem;
  width: 400px;
  height: 43px;
  background: transparent;
  font-size: 1rem;
  flex-grow: 1;
  outline: none;
  border-radius: var(--Sizes-Radius-R-4-px, 4px);
  border: 1px solid var(--Color-Transparent-White-10, rgba(255, 255, 255, 0.10));
  background: var(--Color-Transparent-White-05, rgba(255, 255, 255, 0.05));
  backdrop-filter: blur(8px);
}

.keyboard-shortcut {
  display: flex;
  align-items: center;
  background:transparent;
  border-radius: var(--Sizes-Radius-R-4-px, 4px);
  border: 1px solid var(--Color-Transparent-White-10, rgba(255, 255, 255, 0.10));
  backdrop-filter: blur(8px);
  padding: 0.5rem;
}

.keys span {
  font-size: 14px;
  background: rgba(0, 0, 0, 0.24);
  border: 1px solid rgba(62, 149, 255, 0.04);
  color: rgba(18, 18, 18, 0.85);
  padding: 0.2rem 0.4rem;
  border-radius: 4px;
  margin: 0 0.2rem;
}

.dark .keys span{
  background-color: rgba(62, 149, 255, 0.16);
  color: rgba(255, 255, 255, 0.85);
  border: 1px solid rgba(62, 149, 255, 0.04);
}

.grid-table{
  margin-top: 2rem;
  grid-column-gap: 2.5rem;
  grid-row-gap: 2.5rem;
  flex-flow: column;
   display: flex;
  align-items: center;
}

#api-grid {
  grid-column-gap: 5rem;
  grid-row-gap: 1.25rem;
  grid-template-rows: auto;
  grid-template-columns: 1fr 1fr 1fr 1fr;
  grid-auto-columns: 1fr;
  display: grid;
  justify-items: center;
}

.api-item {
  display: flex;
  padding: var(--Sizes-Padding-Possitive-32-px, 32px) var(--Sizes-Padding-Possitive-16-px, 16px);
  align-items: center;
  border: 1px solid #e0e0e0;
  border-radius: 16px;
  height: 100px;
  width: 300px;
  border-radius: 16px;
  border: 1px solid rgba(62, 149, 255, 0.04);
  background: #F4F4F4;
}

.api-item img {
  height: 24px;
  width: 24px;
  padding: 9px, 9px,9px 9px;
}

.api-item span {
  font-size: 1rem;
  font-weight: 400;
  color: #FFF;
}

.vendor-link{ 
color: #000000;
text-overflow: ellipsis;
font-family: Roboto;
font-size: 20px;
font-style: normal;
font-weight: 500;
padding-left: 24px;
letter-spacing: 1.12px;
}

.wrapper {
  display: flex;
  justify-content: center;
  align-items: center;
  width: 42px;
  height: 42px;
  flex-shrink: 0;
  border-radius: 8px;
  background: #E3DFDF;
}

.dark .dark-mode-aware {
  border: 1px solid rgba(62, 149, 255, 0.04);
  background: #1A283B;
}

.dark .wrapper {
  background-color: #364150;
}

.dark .vendor-link {
color: #ffffff;
text-overflow: ellipsis;
font-family: Roboto;
font-size: 20px;
font-style: normal;
font-weight: 500;
padding-left: 24px;
letter-spacing: 1.12px;
}

table {
  display: table;
  max-width: 90%;
  margin: 20px auto;
}

.integrations-table table {
  border-collapse: collapse;
  border-style: solid;
  width: 100%;
  max-width: 100%;
  text-align: left;
  table-layout: fixed;
  align-items: left;
  border-color: #000000;
}

.integrations-table code a {
  pointer-events: none;
  text-decoration: none;
  color: var(--ifm-table-cell-color);
  cursor: default;
}

.integrations-table th:first-child {
  width: 50%;
}

#var-table th:first-child {
  width: 25%;
}

#var-table  th:nth-child(2){
  width: 50%;
}


.table-functions {
  border-collapse: collapse;
  border-style: hidden;
  width: 100%;
  max-width: 100%;
  text-align: left;
  table-layout: fixed;
}

.footer-container {
  display: flex;
  flex-direction: row;
  justify-content: space-between;
  width: 100%;
  margin-top: 100px;
  align-items: center;
}

.footer-icons {
  display: flex;
  gap: 32px;
}

.footer-title {
  font-family: Roboto;
  font-size: 12px;
  font-style: normal;
  font-weight: 400;
  line-height: 16px;
}

.footer-display{
  display: flex;
  flex-direction: row;
}


@media only screen and (max-width: 768px) {

  .hero{
    flex-direction: column;
    justify-content: center;
  }

  #api-grid {
    grid-template-columns: 1fr 1fr; 
    grid-column-gap: 2rem;
  }

  .iframe {
    max-height: 100%;
    height: unset;
    border-radius: 32px;
  }

  .iframe-wrapper {
    display: block;
    position: relative;
    max-height: 200px;
    border-radius: 32px;
  }

  .iframe-media {
    align-items: center;
    flex-direction: column;
    justify-content: center;
    position: absolute;
    height: 100%;
    width: 100%;
    display: flex;
    backdrop-filter: blur(0.5em);
    background-color: rgba(34, 33, 38, 0.8);
    border-radius: 32px;
  }

  .table-functions th:first-child {
  width: 17%;
}

}

@media (max-width: 996px) {

  .hero{
    flex-direction: column;
    justify-content: center;
  }

  #api-grid {
    grid-template-columns: 1fr 1fr; 
    grid-column-gap: 2rem;
  }

}

Instructions on how to configure a SAML SSO application with Azure.

Configuring a SAML application on Azure AD

Blink Documentation

The Blink REST API provides programmatic access to Blink data and functionality, enabling the management of resources such as workflows, users, cases, and more.

Introduction

Overview

Blink REST API

Returns a list of connection types by a filter

List connection types

Returns a list of connections by a filter

List connections

Create connection

Delete Connection

Gets a Connection by id

Edit connection

Run workflow

Retrieve a list of records from a given case management table. For the list of out-of-the-box tables, visit our [Case Management documentation](https://docs.blinkops.com/docs/case-management/manage-tables).

List Records from Case Management Table

Remove a specific record from a given case management table.

Delete a Record from Case Management Table

Create an Alert

Update an Alert

Create an Attachment

Update an Attachment

Create a Case

Update a Case

Create an Observable

Update an Observable

Create a Task

Update a Task

Add users to group

Remove users from group

Get a list of users or groups in your Blink tenant.

Get users or groups

List user workspaces

Get a list of groups the user is a member of

Get groups of user

Delete group

List group users

Get a list of groups in your Blink tenant

Get groups

Create group

Gets the output of a specific workflow execution by ID.

Get Workflow's execution output

Add entities to workspace

 Blink is a security automation copilot that generates automated workflows to handle repetitive tasks and enforce security policies – simply by typing a prompt. With no-code, low-code, and full coding capabilities, you can automate any security or infrastructure workflow across your entire security stack. Blink has 7K+ pre-built workflows that are available to download from the Blink Library, so you can start automating best practices and common tasks right away. Integrate with popular tools to automate all things security – and beyond.

Introduction to Blink

Welcome to Blink Ops

Instructions for signing up to the Blink Platform.

Signing into Blink

Signing In

To use the Blink platform, you need to know the key concepts and terminology.

Key Concepts

A Workflow is a sequence of steps containing actions designed to complete a specific task or process without manual intervention. The workflow that carries out these tasks automatically, whether they are simple, single-step actions or complex, multi-step processes that interact with multiple systems.

Workflows

Creating a New Workflow

Testing a Workflow

When editing a new or existing Workflow, you are working on an inactive draft version. Changes you make to a draft can be saved, but do not affect the published version.

Monitor your workflows activity using tools in the Blink platform

Running Workflows

Workflows Runtime Limitations

The Case Management feature allows you to effectively handle security incident investigations by providing detailed information and logs in one place on a single [dashboard](/docs/case-management/dashboard). This, in turn, allows for quicker responses to security incidents as soon as they are detected or identified.

Case Management

Instructions and details about Blink's Case Management Dashboard.

Case Management Dashboard

Custom Tables

Manage Tables

Case Management Settings

Case Management Permissions

Case Management Limitations

Blink Copilot is an innovative feature that helps users to create custom workflows from the ground up, using the advanced capabilities of generative AI to enhance and streamline workflows within the Workflow Editor.

Blink Copilot

The Blink Copilot Best Practices guide helps users optimize their prompts for better automated workflow results.

Blink Copilot Best Practices and Limitations

Transform the output of step that contains any `JSON data` using guidance from [Blink Copilot](/docs/blink-copilot/blink-copilot) or manually entering a `JQ command`. This feature uses build-time AI to generate JQ commands from your text prompts, allowing you to reshape data formats or focus on essential information.

Step Output Transformation

In the Blink Platform section of the documentation, you can find all the necessary information related to Blink's Platform and its features.

Blink Platform

Blink customers have the option to designate a Service Provider (MSP, MSSP) to oversee the management of their account. By doing so, the Service Provider can develop customized Workflows tailored to the specific needs of the end-users, as well as manage and update them to guarantee a reliable and secure workspace. Moreover, the Service Provider can promptly address any issues that may arise, ensuring uninterrupted operations and a seamless user experience.

Service Providers

In the subsequent section of the documentation, you will find sample tutorials and detailed instructions on creating different types of Workflow offered by Blink Ops.

Tutorials

This tutorial shows you how to create a simple Workflow that prints Hello World in Bash and Python, using references from input parameters and references from previous Steps.

Creating a Simple Workflow - Hello World

Creating a Simple Workflow: Hello World

Tutorial for creating an Self-Service Workflow

Self Service Workflow Tutorial

Self-service Workflow: Consume and expose a Terraform project as a service

In this tutorial we will show you how to create a Workflow that controls tags applied when a new EC2 instance is created.

Event Based Workflow Tutorials

Event-based Automation: Tag control on a new EC2 instance

The _Workflow Editor_ allows you to build and automate security workflows by adding Blink action or actions from various third-party integrations to steps. It enables users to create custom workflows that streamline security tasks, enhance efficiency, and respond to threats or incidents in a consistent and automated way. Through the workflow editor, you can easily select predefined actions, configure triggers, and set up automated responses, all without needing extensive coding knowledge.

Workflow Editor

The Workflow Editor

Conditions are used to compare two values. The condition builder enables you to use condition statements in your Workflows.

Condition Builder

Steps are the building blocks of a [Workflow](/docs/workflows/workflows). Each Step has a single goal and Steps are arranged in a logical order to complete a workflow. The user selects an [Action](/docs/workflows/building-workflows/actions/actions) and adds a [Connection](docs/workflows/building-workflows/connections/connections), if required, to the Workflow's flow on the Editor.

Steps

The files mechanism allows Workflows builders to create, edit and use files which are persisted between executions of steps in a Workflow. The lifespan of files is aligned with the lifespan of the execution of the Workflow - when the execution is finished, the files are deleted.

Files

The Workflow `YAML` contains all the information about the Workflow. Its name, description, runner, etc. It also includes a list of the Workflow's Steps, and each step has a name, action, inputs, and a connection.

Workflow YAML

To view the workflows's Run Logs, select the Run Logs tab, and then choose the specific Automated Workflow's Run Log you wish to view.

Workflow Run Logs

Instructions on Draft and published Workflow

Controlling the Availability of a Published Workflow

Clicking on any Automation in a Pack takes you to the Automation Overview page. This page displays general information about the Automation, details of each Step, and details about past executions.

Workflow Overview Page

This is the Workflows Version History feature

Workflows Version History

Workflow Version History

Monitor your Workflow activity using tools in the Blink platform.

Monitoring Workflows Health

Workflow Packs

An Automation Pack is a collection of Workflows that it is used to logically sort your Workflows into collections according to their use-cases

Pack Management

The Templates feature contains a wide variety of pre-made Workflows. Import a Workflow template and make small adjustments to suit your needs, instead of creating an Workflow from scratch.

Templates

Instructions on how to use a Workflow template if the user has not signed up for the Blink Platform

Using Workflow Templates for Users Without a Blink Account

Premium users can access, import, and use all templates, free and Premium, in the Workflow Library

Using Workflow Templates as an Existing Blink User

Blink's Automated Case Management

Detailed Explanation of Alert Ingestion Workflows

Alert Ingestion Workflows

Detailed Explanation of IOC Enrichment Workflows

Enrichment Workflows

Detailed Explanation of Response Workflows

Response Workflows

Error Handling Workflow

Detailed Explanation of Recovery Workflows

Recovery Workflows

Detailed Explanation of Utilities Workflows

Utility Workflows

Case Management Actions

Case Actions

All the Case Management Observables Actions.

Observables Actions

Alert Actions

All the Case Management Attachment Actions.

Attachment Actions

Query Action

Record Actions

Task Actions

Triggers

Cases

To create your first Blink case, follow this step-by-step guide

Create a New Case

Editing a Case

Deleting a Case

With the Case Management feature, you can define **service level agreement (SLA)** response times in two ways for the **entire case** or for the **statuses** of the selected case. You can set the **SLA** by choosing a time duration in **Days**,**Hours**, or **Minutes**.

Linked Cases

Blink users can share selected cases with other both Blink Users or Users who do not have a Blink Account.

Sharing a Case

Observables refer to data that indicates a system may have been infiltrated by a cyber threat. They provide cybersecurity teams with crucial knowledge after a data breach or another breach in security. In this section, you can create and manage Observables for your Cases.

Observables

Editing Observables

Deleting Observables

An alert signifies a security issue received from a 3rd party security service provider.

Ovevriew

Alerts

Editing an Alert

Deleting an Alert

Creating a New Attachment

Editing an Attachment

Deleting an Attachment

There is an option to add a **task table** to the already existing **Case Management** tables.

Tasks

Deleting a Task

Editing a Task

Workspaces are compartmentalized environment within your organization designed to help you efficiently manage and organize hyperautomation resources and teams.Each workspace operates independently, with no hierarchical connections between them, enabling complete control over managing resources and workflows. Workspaces can be created based on specific functions or team needs, allowing team members to collaborate effectively on projects and share resources. When a new user joins Blink, a personal workspace is automatically created, named after the email used to sign up. Access to resources within a workspace is governed by Role-Based Access Control (RBAC), linked to user roles, ensuring secure and controlled collaboration.

Workspaces

Blink's workspaces enable you to organize your company into smaller subdivisions based on your specific needs. Every team can have one or more workspaces. This enables team members to collaborate on projects and share Workflows and resources efficiently.

Creating a New Workspace

Additional workspaces can be created to fit your company's needs. Workspaces can be created for departments, teams, projects, and any other subdivision existing in your organization. The owner of the workspace controls the members and their roles.

Organizing Your Workspaces

Managing Your Workspace

Sharing resources allows members of a workspace to use resources created by others, but not to modify them. This allows team members to collaborate on projects easily and efficiently.

Sharing Workspace Resources

Workspace usage data is a core feature in Blink Ops that enables administrators and team leads to track and analyze their automation resource utilization. This feature provides real-time visibility into workflow execution metrics, helping teams optimize their automation processes and manage resources effectively.

Monitoring your Workspace Usage

The runner serves as the essential element in executing all actions within a Workflow.

Runners

All the information regarding the runners setting

Runner Settings

Sharing a Runner

For the best experience and performance, ensure that you always install the latest version of the runner. Blink runners are automatically updated by default.

Updating a Runner

When using an on-prem Runner installation, it can be desirable to install more than one Runner.

Configuring a Runner Group

Tables enable you to present and interact with data in Blink, unlocking new workflow possibilities. Since your Workflows can write to Tables and read data from them, this enables you to create stateful Workflows. In other words, you can build Workflows that work with Tables to track the status of something over time and provide interfaces with pre-defined actions for end users.

Tables

Create your First Table

When creating a new Table or field in Blink, users are required to provide a display name. Once the Table or field is created, it is assigned a permanent and unique name (ID), while the display name remains editable and can be changed.

Table and Field Naming Conventions

Basic Operations On Tables

Blink Tables allows for basic and advanced view changes, to allow filtering, sorting, ordering and browsing the table records.

Viewing capabilities of tables

Tables can be manipulated using workflow actions. The Table related actions are listed under the **Tables** collection in the actions explorer.