-
Notifications
You must be signed in to change notification settings - Fork 72
Get FalconVulnerability
bk-cs edited this page Dec 12, 2022
·
26 revisions
Search for Falcon Spotlight vulnerabilities
Requires 'Spotlight Vulnerabilities: Read'.
Name | Type | Min | Max | Allowed | Pipeline | PipelineByName | Description |
---|---|---|---|---|---|---|---|
Id | String[] | X | X | Vulnerability identifier | |||
Filter | String | Falcon Query Language expression to limit results | |||||
Facet | String[] |
cve evaluation_logic host_info remediation
|
Include additional properties | ||||
Sort | String |
created_timestamp.asc created_timestamp.desc closed_timestamp.asc closed_timestamp.desc updated_timestamp.asc updated_timestamp.desc
|
Property and direction to sort results | ||||
Limit | Int32 | 1 |
400 |
Maximum number of results per request | |||
After | String | Pagination token to retrieve the next set of results | |||||
Detailed | Switch | Retrieve detailed information | |||||
All | Switch | Repeat requests until all available results are retrieved | |||||
Total | Switch | Display total result count instead of results |
Get-FalconVulnerability [-Filter] <String> [[-Sort] <String>] [[-Limit] <Int32>] [-After <String>] [-All] [-Total] [-WhatIf] [-Confirm] [<CommonParameters>]
Get-FalconVulnerability -Id <String[]> [-WhatIf] [-Confirm] [<CommonParameters>]
Get-FalconVulnerability [-Filter] <String> [[-Facet] <String[]>] [[-Sort] <String>] [[-Limit] <Int32>] [-After <String>] -Detailed [-All] [-WhatIf] [-Confirm] [<CommonParameters>]
queryVulnerabilities
getVulnerabilities
combinedQueryVulnerabilities
NOTE: The Spotlight API requires the use of a filter when requesting results.
Get-FalconVulnerability -Filter "created_timestamp:>'2019-11-25T22:36:12Z'" [-Detailed] [-All]
Get-FalconVulnerability -Id <id>, <id>
2022-12-12: PSFalcon v2.2.3
- Using PSFalcon
-
Commands by Permission
- Actors (Falcon Intelligence)
- Alerts
- API integrations
- App Logs
- Channel File Control Settings
- Configuration Assessment
- Content Update Policies
- Correlation Rules
- CSPM registration
- Custom IOA rules
- Detections
- Device Content
- Device control policies
- Event streams
- Falcon Complete Dashboards
- Falcon Container Image
- Falcon Data Replicator
- Falcon Discover
- Falcon FileVantage
- Falcon FileVantage Content
- Firewall management
- Flight Control
- Host groups
- Host Migration
- Hosts
- Identity Protection Entities
- Identity Protection GraphQL
- Identity Protection Policy Rules
- Incidents
- Indicators (Falcon Intelligence)
- Installation tokens
- Installation token settings
- IOA Exclusions
- IOC Manager APIs
- IOCs
- Kubernetes Protection
- Machine Learning exclusions
- MalQuery
- Malware Families (Falcon Intelligence)
- Message Center
- Mobile Enrollment
- Monitoring rules (Falcon Intelligence Recon)
- On demand scans (ODS)
- OverWatch Dashboard
- Prevention Policies
- Quarantined Files
- QuickScan Pro
- Real time response
- Real time response (admin)
- Reports (Falcon Intelligence)
- Response policies
- Rules (Falcon Intelligence)
- Sample uploads
- Sandbox (Falcon Intelligence)
- Scheduled Reports
- Sensor Download
- Sensor update policies
- Sensor Usage
- Sensor Visibility Exclusions
- Snapshot
- Snapshot Scanner Image Download
- Tailored Intelligence
- Threatgraph
- User management
- Vulnerabilities
- Vulnerabilities (Falcon Intelligence)
- Workflow
- Zero Trust Assessment
- Other Commands
- Examples
-
CrowdStrike SDKs
- FalconPy - Python 3
- goFalcon - Go
- Rusty Falcon - Rust