Skip to content

Edit FalconSvExclusion

bk-cs edited this page Sep 3, 2024 · 22 revisions

Edit-FalconSvExclusion

SYNOPSIS

Modify a Sensor Visibility exclusion

DESCRIPTION

Requires 'Sensor Visibility Exclusions: Write'.

PARAMETERS

Name Type Description Min Max Allowed Pipeline PipelineByName
Value String RegEx pattern value X
GroupId Object[] Host group identifier or 'all' to apply to all hosts X
DescendantProcess Boolean Apply to descendant processes X
Comment String Audit log comment X
Id String Exclusion identifier X X

SYNTAX

Edit-FalconSvExclusion [[-Value] <String>] [[-GroupId] <Object[]>] [[-DescendantProcess] <Boolean>] [[-Comment] <String>] [-Id] <String> [-WhatIf] [-Confirm] [<CommonParameters>]

REFERENCE

Endpoints

PATCH /policy/entities/sv-exclusions/v1

falconpy

updateSensorVisibilityExclusionsV1

USAGE

Modify Sensor Visibility exclusions

Edit-FalconSvExclusion -Id <id> -Value '/foochanged*'

See Modify all Sensor Visibility exclusions to include an additional Host Group.

2024-09-03: PSFalcon v2.2.7

Clone this wiki locally