Skip to content

Get FalconVulnerability

Jump to bottom
bk-cs edited this page Oct 31, 2022 · 26 revisions

Get-FalconVulnerability

SYNOPSIS

Search for Falcon Spotlight vulnerabilities

DESCRIPTION

Requires 'Spotlight Vulnerabilities: Read'.

PARAMETERS

Name Type Min Max Allowed Pipeline PipelineByName Description
Id String[] X X Vulnerability identifier
Filter String Falcon Query Language expression to limit results
Facet String[] cve
evaluation_logic
host_info
remediation 		Include additional properties
Sort String created_timestamp.asc
created_timestamp.desc
closed_timestamp.asc
closed_timestamp.desc
updated_timestamp.asc
updated_timestamp.desc 		Property and direction to sort results
Limit Int32 1 400 Maximum number of results per request
After String Pagination token to retrieve the next set of results
Detailed Switch Retrieve detailed information
All Switch Repeat requests until all available results are retrieved
Total Switch Display total result count instead of results

SYNTAX

Get-FalconVulnerability [-Filter] <String> [[-Sort] <String>] [[-Limit] <Int32>] [-After <String>] [-All] [-Total] [-WhatIf] [-Confirm] [<CommonParameters>]
Get-FalconVulnerability -Id <String[]> [-WhatIf] [-Confirm] [<CommonParameters>]
Get-FalconVulnerability [-Filter] <String> [[-Facet] <String[]>] [[-Sort] <String>] [[-Limit] <Int32>] [-After <String>] -Detailed [-All] [-WhatIf] [-Confirm] [<CommonParameters>]

SDK Reference

falconpy

queryVulnerabilities
getVulnerabilities
combinedQueryVulnerabilities

USAGE

Search for vulnerabilities

NOTE: The Spotlight API requires the use of a filter when requesting results.

Get-FalconVulnerability -Filter "created_timestamp:>'2019-11-25T22:36:12Z'" [-Detailed] [-All]

Get information about specific vulnerabilities

Get-FalconVulnerability -Id <id>, <id>

2022-10-31: PSFalcon v2.2.3

Clone this wiki locally