Skip to content

Get FalconIocHost

Jump to bottom
bk-cs edited this page Oct 24, 2022 · 21 revisions

Get-FalconIocHost

SYNOPSIS

Search for hosts that have observed a custom indicator

DESCRIPTION

Requires 'IOCs: Read'.

PARAMETERS

Name Type Min Max Allowed Pipeline PipelineByName Description
Type String domain
ipv4
ipv6
md5
sha256 		X Indicator type
Value String X Indicator value
Limit String 1 100 Maximum number of results per request
Offset Int32 Position to begin retrieving results
All Switch Repeat requests until all available results are retrieved
Total Switch Display the total result count instead of results

SYNTAX

Get-FalconIocHost [-Type] <String> [-Value] <String> [[-Limit] <String>] [-Offset <Int32>] [-All] [-WhatIf] [-Confirm] [<CommonParameters>]
Get-FalconIocHost [-Type] <String> [-Value] <String> -Total [-WhatIf] [-Confirm] [<CommonParameters>]

SDK Reference

falconpy

DevicesRanOn
DevicesCount

USAGE

Getting the host count

Get-FalconIocHost -Type <string> -Value <string> -Total

Getting the list of hosts that have seen an IOC

Get-FalconIocHost -Type <string> -Value <string>

2022-10-24: PSFalcon v2.2.3

Clone this wiki locally