All URIs are relative to https://api.us-2.crowdstrike.com
| Method | HTTP request | Description |
|---|---|---|
| archive_delete_v1 | DELETE /archives/entities/archives/v1 | Delete an archive that was uploaded previously |
| archive_get_v1 | GET /archives/entities/archives/v1 | Retrieves the archives upload operation statuses. Status `done` means that archive was processed successfully. Status `error` means that archive was not processed successfully. |
| archive_list_v1 | GET /archives/entities/archive-files/v1 | Retrieves the archives files in chunks. |
| archive_upload_v1 | POST /archives/entities/archives/v1 | Uploads an archive and extracts files list from it. Operation is asynchronous use `/archives/entities/archives/v1` to check the status. After uploading, use `/archives/entities/extractions/v1` to copy the file to internal storage making it available for content analysis. This method is deprecated in favor of `/archives/entities/archives/v2` |
| archive_upload_v2 | POST /archives/entities/archives/v2 | Uploads an archive and extracts files list from it. Operation is asynchronous use `/archives/entities/archives/v1` to check the status. After uploading, use `/archives/entities/extractions/v1` to copy the file to internal storage making it available for content analysis. |
| delete_sample_v3 | DELETE /samples/entities/samples/v3 | Removes a sample, including file, meta and submissions from the collection |
| extraction_create_v1 | POST /archives/entities/extractions/v1 | Extracts files from an uploaded archive and copies them to internal storage making it available for content analysis. |
| extraction_get_v1 | GET /archives/entities/extractions/v1 | Retrieves the files extraction operation statuses. Status `done` means that all files were processed successfully. Status `error` means that at least one of the file could not be processed. |
| extraction_list_v1 | GET /archives/entities/extraction-files/v1 | Retrieves the files extractions in chunks. Status `done` means that all files were processed successfully. Status `error` means that at least one of the file could not be processed. |
| get_sample_v3 | GET /samples/entities/samples/v3 | Retrieves the file associated with the given ID (SHA256) |
| upload_sample_v3 | POST /samples/entities/samples/v3 | Upload a file for further cloud analysis. After uploading, call the specific analysis API endpoint. |
archive_delete_v1(id)
Delete an archive that was uploaded previously
require 'time'
require 'crimson-falcon'
# Setup authorization
Falcon.configure do |config|
config.client_id = "Your_Client_ID"
config.client_secret = "Your_Client_Secret"
config.cloud = "us-1" # or "us-2", "eu-1", "us-gov1"
end
api_instance = Falcon::SampleUploads.new
id = 'id_example' # String | The archive SHA256.
begin
# Delete an archive that was uploaded previously
api_instance.archive_delete_v1(id)
rescue Falcon::ApiError => e
puts "Error when calling SampleUploads->archive_delete_v1: #{e}"
endThis returns an Array which contains the response data (nil in this case), status code and headers.
<Array(nil, Integer, Hash)> archive_delete_v1_with_http_info(id)
begin
# Delete an archive that was uploaded previously
data, status_code, headers = api_instance.archive_delete_v1_with_http_info(id)
p status_code # => 2xx
p headers # => { ... }
p data # => nil
rescue Falcon::ApiError => e
puts "Error when calling SampleUploads->archive_delete_v1_with_http_info: #{e}"
end| Name | Type | Description | Notes |
|---|---|---|---|
| id | String | The archive SHA256. |
nil (empty response body)
oauth2
- Content-Type: Not defined
- Accept: application/json
archive_get_v1(id, opts)
Retrieves the archives upload operation statuses. Status done means that archive was processed successfully. Status error means that archive was not processed successfully.
require 'time'
require 'crimson-falcon'
# Setup authorization
Falcon.configure do |config|
config.client_id = "Your_Client_ID"
config.client_secret = "Your_Client_Secret"
config.cloud = "us-1" # or "us-2", "eu-1", "us-gov1"
end
api_instance = Falcon::SampleUploads.new
id = 'id_example' # String | The archive SHA256.
opts = {
include_files: true # Boolean | If `true` includes processed archive files in response.
}
begin
# Retrieves the archives upload operation statuses. Status `done` means that archive was processed successfully. Status `error` means that archive was not processed successfully.
result = api_instance.archive_get_v1(id, opts)
p result
rescue Falcon::ApiError => e
puts "Error when calling SampleUploads->archive_get_v1: #{e}"
endThis returns an Array which contains the response data, status code and headers.
<Array(, Integer, Hash)> archive_get_v1_with_http_info(id, opts)
begin
# Retrieves the archives upload operation statuses. Status `done` means that archive was processed successfully. Status `error` means that archive was not processed successfully.
data, status_code, headers = api_instance.archive_get_v1_with_http_info(id, opts)
p status_code # => 2xx
p headers # => { ... }
p data # => <ClientArchiveCreateResponseV1>
rescue Falcon::ApiError => e
puts "Error when calling SampleUploads->archive_get_v1_with_http_info: #{e}"
end| Name | Type | Description | Notes |
|---|---|---|---|
| id | String | The archive SHA256. | |
| include_files | Boolean | If `true` includes processed archive files in response. | [optional][default to false] |
oauth2
- Content-Type: Not defined
- Accept: application/json
archive_list_v1(id, opts)
Retrieves the archives files in chunks.
require 'time'
require 'crimson-falcon'
# Setup authorization
Falcon.configure do |config|
config.client_id = "Your_Client_ID"
config.client_secret = "Your_Client_Secret"
config.cloud = "us-1" # or "us-2", "eu-1", "us-gov1"
end
api_instance = Falcon::SampleUploads.new
id = 'id_example' # String | The archive SHA256.
opts = {
limit: 56, # Integer | Max number of files to retrieve.
offset: 'offset_example' # String | Offset from where to get files.
}
begin
# Retrieves the archives files in chunks.
result = api_instance.archive_list_v1(id, opts)
p result
rescue Falcon::ApiError => e
puts "Error when calling SampleUploads->archive_list_v1: #{e}"
endThis returns an Array which contains the response data, status code and headers.
<Array(, Integer, Hash)> archive_list_v1_with_http_info(id, opts)
begin
# Retrieves the archives files in chunks.
data, status_code, headers = api_instance.archive_list_v1_with_http_info(id, opts)
p status_code # => 2xx
p headers # => { ... }
p data # => <ClientArchiveListFilesResponseV1>
rescue Falcon::ApiError => e
puts "Error when calling SampleUploads->archive_list_v1_with_http_info: #{e}"
end| Name | Type | Description | Notes |
|---|---|---|---|
| id | String | The archive SHA256. | |
| limit | Integer | Max number of files to retrieve. | [optional][default to 100] |
| offset | String | Offset from where to get files. | [optional] |
ClientArchiveListFilesResponseV1
oauth2
- Content-Type: Not defined
- Accept: application/json
archive_upload_v1(name, body, opts)
Uploads an archive and extracts files list from it. Operation is asynchronous use /archives/entities/archives/v1 to check the status. After uploading, use /archives/entities/extractions/v1 to copy the file to internal storage making it available for content analysis. This method is deprecated in favor of /archives/entities/archives/v2
require 'time'
require 'crimson-falcon'
# Setup authorization
Falcon.configure do |config|
config.client_id = "Your_Client_ID"
config.client_secret = "Your_Client_Secret"
config.cloud = "us-1" # or "us-2", "eu-1", "us-gov1"
end
api_instance = Falcon::SampleUploads.new
name = 'name_example' # String | Name of the archive.
body = [37] # Array<Integer> | Content of the uploaded archive in binary format. For example, use `--data-binary @$FILE_PATH` when using cURL. Max file size: 100 MB. Accepted file formats: - Portable executables: `.zip`, `.7z`.
opts = {
password: 'password_example', # String | Archive password.
is_confidential: true, # Boolean | Defines visibility of this file, either via the API or the Falcon console. - `true`: File is only shown to users within your customer account - `false`: File can be seen by other CrowdStrike customers Default: `true`.
comment: 'comment_example' # String | A descriptive comment to identify the file for other users.
}
begin
# Uploads an archive and extracts files list from it. Operation is asynchronous use `/archives/entities/archives/v1` to check the status. After uploading, use `/archives/entities/extractions/v1` to copy the file to internal storage making it available for content analysis. This method is deprecated in favor of `/archives/entities/archives/v2`
result = api_instance.archive_upload_v1(name, body, opts)
p result
rescue Falcon::ApiError => e
puts "Error when calling SampleUploads->archive_upload_v1: #{e}"
endThis returns an Array which contains the response data, status code and headers.
<Array(, Integer, Hash)> archive_upload_v1_with_http_info(name, body, opts)
begin
# Uploads an archive and extracts files list from it. Operation is asynchronous use `/archives/entities/archives/v1` to check the status. After uploading, use `/archives/entities/extractions/v1` to copy the file to internal storage making it available for content analysis. This method is deprecated in favor of `/archives/entities/archives/v2`
data, status_code, headers = api_instance.archive_upload_v1_with_http_info(name, body, opts)
p status_code # => 2xx
p headers # => { ... }
p data # => <ClientArchiveCreateResponseV1>
rescue Falcon::ApiError => e
puts "Error when calling SampleUploads->archive_upload_v1_with_http_info: #{e}"
end| Name | Type | Description | Notes |
|---|---|---|---|
| name | String | Name of the archive. | |
| body | Array<Integer> | Content of the uploaded archive in binary format. For example, use `--data-binary @$FILE_PATH` when using cURL. Max file size: 100 MB. Accepted file formats: - Portable executables: `.zip`, `.7z`. | |
| password | String | Archive password. | [optional] |
| is_confidential | Boolean | Defines visibility of this file, either via the API or the Falcon console. - `true`: File is only shown to users within your customer account - `false`: File can be seen by other CrowdStrike customers Default: `true`. | [optional][default to true] |
| comment | String | A descriptive comment to identify the file for other users. | [optional] |
oauth2
- Content-Type: application/octet-stream, application/zip, application/x-7z-compressed, application/x-zip-compressed
- Accept: application/json
archive_upload_v2(file, name, opts)
Uploads an archive and extracts files list from it. Operation is asynchronous use /archives/entities/archives/v1 to check the status. After uploading, use /archives/entities/extractions/v1 to copy the file to internal storage making it available for content analysis.
require 'time'
require 'crimson-falcon'
# Setup authorization
Falcon.configure do |config|
config.client_id = "Your_Client_ID"
config.client_secret = "Your_Client_Secret"
config.cloud = "us-1" # or "us-2", "eu-1", "us-gov1"
end
api_instance = Falcon::SampleUploads.new
file = File.new('/path/to/some/file') # File | Content of the uploaded archive. For example, use `--form file=@$FILE_PATH;type=` when using cURL. Supported file types are `application/zip` and `application/x-7z-compressed`.
name = 'name_example' # String | Name of the archive. For example, use `--form name=` when using cURL.
opts = {
password: 'password_example', # String | Archive password. For example, use `--form password=` when using cURL.
is_confidential: true, # Boolean | Defines visibility of this file in Falcon MalQuery, either via the API or the Falcon console. For example, use `--form is_confidential=` when using cURL. - `true`: File is only shown to users within your customer account - `false`: File can be seen by other CrowdStrike customers Default: `true`.
comment: 'comment_example' # String | A descriptive comment to identify the file for other users. For example, use `--form comment=` when using cURL.
}
begin
# Uploads an archive and extracts files list from it. Operation is asynchronous use `/archives/entities/archives/v1` to check the status. After uploading, use `/archives/entities/extractions/v1` to copy the file to internal storage making it available for content analysis.
result = api_instance.archive_upload_v2(file, name, opts)
p result
rescue Falcon::ApiError => e
puts "Error when calling SampleUploads->archive_upload_v2: #{e}"
endThis returns an Array which contains the response data, status code and headers.
<Array(, Integer, Hash)> archive_upload_v2_with_http_info(file, name, opts)
begin
# Uploads an archive and extracts files list from it. Operation is asynchronous use `/archives/entities/archives/v1` to check the status. After uploading, use `/archives/entities/extractions/v1` to copy the file to internal storage making it available for content analysis.
data, status_code, headers = api_instance.archive_upload_v2_with_http_info(file, name, opts)
p status_code # => 2xx
p headers # => { ... }
p data # => <ClientArchiveCreateResponseV1>
rescue Falcon::ApiError => e
puts "Error when calling SampleUploads->archive_upload_v2_with_http_info: #{e}"
end| Name | Type | Description | Notes |
|---|---|---|---|
| file | File | Content of the uploaded archive. For example, use `--form file=@$FILE_PATH;type=` when using cURL. Supported file types are `application/zip` and `application/x-7z-compressed`. | |
| name | String | Name of the archive. For example, use `--form name=` when using cURL. | |
| password | String | Archive password. For example, use `--form password=` when using cURL. | [optional] |
| is_confidential | Boolean | Defines visibility of this file in Falcon MalQuery, either via the API or the Falcon console. For example, use `--form is_confidential=` when using cURL. - `true`: File is only shown to users within your customer account - `false`: File can be seen by other CrowdStrike customers Default: `true`. | [optional][default to true] |
| comment | String | A descriptive comment to identify the file for other users. For example, use `--form comment=` when using cURL. | [optional] |
oauth2
- Content-Type: multipart/form-data
- Accept: application/json
delete_sample_v3(ids)
Removes a sample, including file, meta and submissions from the collection
require 'time'
require 'crimson-falcon'
# Setup authorization
Falcon.configure do |config|
config.client_id = "Your_Client_ID"
config.client_secret = "Your_Client_Secret"
config.cloud = "us-1" # or "us-2", "eu-1", "us-gov1"
end
api_instance = Falcon::SampleUploads.new
ids = 'ids_example' # String | The file SHA256.
begin
# Removes a sample, including file, meta and submissions from the collection
result = api_instance.delete_sample_v3(ids)
p result
rescue Falcon::ApiError => e
puts "Error when calling SampleUploads->delete_sample_v3: #{e}"
endThis returns an Array which contains the response data, status code and headers.
<Array(, Integer, Hash)> delete_sample_v3_with_http_info(ids)
begin
# Removes a sample, including file, meta and submissions from the collection
data, status_code, headers = api_instance.delete_sample_v3_with_http_info(ids)
p status_code # => 2xx
p headers # => { ... }
p data # => <MsaQueryResponse>
rescue Falcon::ApiError => e
puts "Error when calling SampleUploads->delete_sample_v3_with_http_info: #{e}"
end| Name | Type | Description | Notes |
|---|---|---|---|
| ids | String | The file SHA256. |
oauth2
- Content-Type: Not defined
- Accept: application/json
extraction_create_v1(body)
Extracts files from an uploaded archive and copies them to internal storage making it available for content analysis.
require 'time'
require 'crimson-falcon'
# Setup authorization
Falcon.configure do |config|
config.client_id = "Your_Client_ID"
config.client_secret = "Your_Client_Secret"
config.cloud = "us-1" # or "us-2", "eu-1", "us-gov1"
end
api_instance = Falcon::SampleUploads.new
body = Falcon::ClientExtractionCreateRequestV1.new # ClientExtractionCreateRequestV1 |
begin
# Extracts files from an uploaded archive and copies them to internal storage making it available for content analysis.
result = api_instance.extraction_create_v1(body)
p result
rescue Falcon::ApiError => e
puts "Error when calling SampleUploads->extraction_create_v1: #{e}"
endThis returns an Array which contains the response data, status code and headers.
<Array(, Integer, Hash)> extraction_create_v1_with_http_info(body)
begin
# Extracts files from an uploaded archive and copies them to internal storage making it available for content analysis.
data, status_code, headers = api_instance.extraction_create_v1_with_http_info(body)
p status_code # => 2xx
p headers # => { ... }
p data # => <ClientExtractionCreateResponseV1>
rescue Falcon::ApiError => e
puts "Error when calling SampleUploads->extraction_create_v1_with_http_info: #{e}"
end| Name | Type | Description | Notes |
|---|---|---|---|
| body | ClientExtractionCreateRequestV1 |
ClientExtractionCreateResponseV1
oauth2
- Content-Type: application/json
- Accept: application/json
extraction_get_v1(id, opts)
Retrieves the files extraction operation statuses. Status done means that all files were processed successfully. Status error means that at least one of the file could not be processed.
require 'time'
require 'crimson-falcon'
# Setup authorization
Falcon.configure do |config|
config.client_id = "Your_Client_ID"
config.client_secret = "Your_Client_Secret"
config.cloud = "us-1" # or "us-2", "eu-1", "us-gov1"
end
api_instance = Falcon::SampleUploads.new
id = 'id_example' # String | The extraction operation ID.
opts = {
include_files: true # Boolean | If `true` includes processed archive files in response.
}
begin
# Retrieves the files extraction operation statuses. Status `done` means that all files were processed successfully. Status `error` means that at least one of the file could not be processed.
result = api_instance.extraction_get_v1(id, opts)
p result
rescue Falcon::ApiError => e
puts "Error when calling SampleUploads->extraction_get_v1: #{e}"
endThis returns an Array which contains the response data, status code and headers.
<Array(, Integer, Hash)> extraction_get_v1_with_http_info(id, opts)
begin
# Retrieves the files extraction operation statuses. Status `done` means that all files were processed successfully. Status `error` means that at least one of the file could not be processed.
data, status_code, headers = api_instance.extraction_get_v1_with_http_info(id, opts)
p status_code # => 2xx
p headers # => { ... }
p data # => <ClientExtractionCreateResponseV1>
rescue Falcon::ApiError => e
puts "Error when calling SampleUploads->extraction_get_v1_with_http_info: #{e}"
end| Name | Type | Description | Notes |
|---|---|---|---|
| id | String | The extraction operation ID. | |
| include_files | Boolean | If `true` includes processed archive files in response. | [optional][default to false] |
ClientExtractionCreateResponseV1
oauth2
- Content-Type: Not defined
- Accept: application/json
extraction_list_v1(id, opts)
Retrieves the files extractions in chunks. Status done means that all files were processed successfully. Status error means that at least one of the file could not be processed.
require 'time'
require 'crimson-falcon'
# Setup authorization
Falcon.configure do |config|
config.client_id = "Your_Client_ID"
config.client_secret = "Your_Client_Secret"
config.cloud = "us-1" # or "us-2", "eu-1", "us-gov1"
end
api_instance = Falcon::SampleUploads.new
id = 'id_example' # String | The extraction operation ID.
opts = {
limit: 56, # Integer | Max number of file extractions to retrieve.
offset: 'offset_example' # String | Offset from where to get file extractions.
}
begin
# Retrieves the files extractions in chunks. Status `done` means that all files were processed successfully. Status `error` means that at least one of the file could not be processed.
result = api_instance.extraction_list_v1(id, opts)
p result
rescue Falcon::ApiError => e
puts "Error when calling SampleUploads->extraction_list_v1: #{e}"
endThis returns an Array which contains the response data, status code and headers.
<Array(, Integer, Hash)> extraction_list_v1_with_http_info(id, opts)
begin
# Retrieves the files extractions in chunks. Status `done` means that all files were processed successfully. Status `error` means that at least one of the file could not be processed.
data, status_code, headers = api_instance.extraction_list_v1_with_http_info(id, opts)
p status_code # => 2xx
p headers # => { ... }
p data # => <ClientExtractionListFilesResponseV1>
rescue Falcon::ApiError => e
puts "Error when calling SampleUploads->extraction_list_v1_with_http_info: #{e}"
end| Name | Type | Description | Notes |
|---|---|---|---|
| id | String | The extraction operation ID. | |
| limit | Integer | Max number of file extractions to retrieve. | [optional][default to 0] |
| offset | String | Offset from where to get file extractions. | [optional] |
ClientExtractionListFilesResponseV1
oauth2
- Content-Type: Not defined
- Accept: application/json
String get_sample_v3(ids, opts)
Retrieves the file associated with the given ID (SHA256)
require 'time'
require 'crimson-falcon'
# Setup authorization
Falcon.configure do |config|
config.client_id = "Your_Client_ID"
config.client_secret = "Your_Client_Secret"
config.cloud = "us-1" # or "us-2", "eu-1", "us-gov1"
end
api_instance = Falcon::SampleUploads.new
ids = 'ids_example' # String | The file SHA256.
opts = {
password_protected: true # Boolean | Flag whether the sample should be zipped and password protected with pass='infected'
}
begin
# Retrieves the file associated with the given ID (SHA256)
result = api_instance.get_sample_v3(ids, opts)
p result
rescue Falcon::ApiError => e
puts "Error when calling SampleUploads->get_sample_v3: #{e}"
endThis returns an Array which contains the response data, status code and headers.
<Array(String, Integer, Hash)> get_sample_v3_with_http_info(ids, opts)
begin
# Retrieves the file associated with the given ID (SHA256)
data, status_code, headers = api_instance.get_sample_v3_with_http_info(ids, opts)
p status_code # => 2xx
p headers # => { ... }
p data # => String
rescue Falcon::ApiError => e
puts "Error when calling SampleUploads->get_sample_v3_with_http_info: #{e}"
end| Name | Type | Description | Notes |
|---|---|---|---|
| ids | String | The file SHA256. | |
| password_protected | Boolean | Flag whether the sample should be zipped and password protected with pass='infected' | [optional][default to false] |
String
oauth2
- Content-Type: Not defined
- Accept: application/octet-stream
upload_sample_v3(sample, file_name, opts)
Upload a file for further cloud analysis. After uploading, call the specific analysis API endpoint.
require 'time'
require 'crimson-falcon'
# Setup authorization
Falcon.configure do |config|
config.client_id = "Your_Client_ID"
config.client_secret = "Your_Client_Secret"
config.cloud = "us-1" # or "us-2", "eu-1", "us-gov1"
end
api_instance = Falcon::SampleUploads.new
sample = File.new('/path/to/some/file') # File | Content of the uploaded sample in binary format. For example, use `--data-binary @$FILE_PATH` when using cURL. Max file size: 256 MB. Accepted file formats: - Portable executables: `.exe`, `.scr`, `.pif`, `.dll`, `.com`, `.cpl`, etc. - Office documents: `.doc`, `.docx`, `.ppt`, `.pps`, `.pptx`, `.ppsx`, `.xls`, `.xlsx`, `.rtf`, `.pub` - PDF - APK - Executable JAR - Windows script component: `.sct` - Windows shortcut: `.lnk` - Windows help: `.chm` - HTML application: `.hta` - Windows script file: `.wsf` - Javascript: `.js` - Visual Basic: `.vbs`, `.vbe` - Shockwave Flash: `.swf` - Perl: `.pl` - Powershell: `.ps1`, `.psd1`, `.psm1` - Scalable vector graphics: `.svg` - Python: `.py` - Linux ELF executables - Email files: MIME RFC 822 `.eml`, Outlook `.msg`.
file_name = 'file_name_example' # String | Name of the file.
opts = {
comment: 'comment_example', # String | A descriptive comment to identify the file for other users.
is_confidential: true # Boolean | Defines visibility of this file in Falcon MalQuery, either via the API or the Falcon console. - `true`: File is only shown to users within your customer account - `false`: File can be seen by other CrowdStrike customers Default: `true`.
}
begin
# Upload a file for further cloud analysis. After uploading, call the specific analysis API endpoint.
result = api_instance.upload_sample_v3(sample, file_name, opts)
p result
rescue Falcon::ApiError => e
puts "Error when calling SampleUploads->upload_sample_v3: #{e}"
endThis returns an Array which contains the response data, status code and headers.
<Array(, Integer, Hash)> upload_sample_v3_with_http_info(sample, file_name, opts)
begin
# Upload a file for further cloud analysis. After uploading, call the specific analysis API endpoint.
data, status_code, headers = api_instance.upload_sample_v3_with_http_info(sample, file_name, opts)
p status_code # => 2xx
p headers # => { ... }
p data # => <ClientSampleMetadataResponseV2>
rescue Falcon::ApiError => e
puts "Error when calling SampleUploads->upload_sample_v3_with_http_info: #{e}"
end| Name | Type | Description | Notes |
|---|---|---|---|
| sample | File | Content of the uploaded sample in binary format. For example, use `--data-binary @$FILE_PATH` when using cURL. Max file size: 256 MB. Accepted file formats: - Portable executables: `.exe`, `.scr`, `.pif`, `.dll`, `.com`, `.cpl`, etc. - Office documents: `.doc`, `.docx`, `.ppt`, `.pps`, `.pptx`, `.ppsx`, `.xls`, `.xlsx`, `.rtf`, `.pub` - PDF - APK - Executable JAR - Windows script component: `.sct` - Windows shortcut: `.lnk` - Windows help: `.chm` - HTML application: `.hta` - Windows script file: `.wsf` - Javascript: `.js` - Visual Basic: `.vbs`, `.vbe` - Shockwave Flash: `.swf` - Perl: `.pl` - Powershell: `.ps1`, `.psd1`, `.psm1` - Scalable vector graphics: `.svg` - Python: `.py` - Linux ELF executables - Email files: MIME RFC 822 `.eml`, Outlook `.msg`. | |
| file_name | String | Name of the file. | |
| comment | String | A descriptive comment to identify the file for other users. | [optional] |
| is_confidential | Boolean | Defines visibility of this file in Falcon MalQuery, either via the API or the Falcon console. - `true`: File is only shown to users within your customer account - `false`: File can be seen by other CrowdStrike customers Default: `true`. | [optional][default to true] |
ClientSampleMetadataResponseV2
oauth2
- Content-Type: multipart/form-data, application/octet-stream
- Accept: application/json