Edit FalconReconRule

Edit-FalconReconRule

SYNOPSIS

Modify a Falcon Intelligence Recon monitoring rule

DESCRIPTION

Requires 'Monitoring Rules (Falcon Intelligence Recon): Write'.

PARAMETERS

Name	Type	Allowed	Pipeline	Description
Array	Object[]		X	An array of monitoring rules to modify in a single request
Id	String			Monitoring rule identifier
Name	String			Monitoring rule name
Filter	String			Monitoring rule filter
Priority	String	`high` `medium` `low`		Monitoring rule priority
Permission	String	`private` `public`		Permission level [public: 'All Intel users', private: 'Recon Admins']

SYNTAX

Edit-FalconReconRule [-Id] <String> [-Name] <String> [-Filter] <String> [-Priority] <String> [-Permission] <String> [-WhatIf] [-Confirm] [<CommonParameters>]

Edit-FalconReconRule -Array <Object[]> [-WhatIf] [-Confirm] [<CommonParameters>]

SDK Reference

falconpy

UpdateRulesV1

USAGE

Updating a monitoring rule

Edit-FalconReconRule -Id <id> -Name psfalcon_example_updated -Priority medium

Updating multiple monitoring rules in a single request

$Array = @(
    @{
        id = <id>
        priority = "high"
    },
    @{
        id = <id>
        priority = "high"
    }
)
Edit-FalconReconRule -Array $Array

2022-12-12: PSFalcon v2.2.3

Using PSFalcon
Commands by Permission
Other Commands
Examples
- Code Examples
- Samples
CrowdStrike SDKs
- FalconPy - Python 3
- goFalcon - Go
- Rusty Falcon - Rust

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Edit FalconReconRule

Edit-FalconReconRule

SYNOPSIS

DESCRIPTION

PARAMETERS

SYNTAX

SDK Reference

falconpy

USAGE

Updating a monitoring rule

Updating multiple monitoring rules in a single request

Clone this wiki locally