Skip to content

Invoke FalconAlertAction

Jump to bottom
bk-cs edited this page Sep 3, 2024 · 19 revisions

Invoke-FalconAlertAction

SYNOPSIS

Perform actions on alerts

DESCRIPTION

Requires 'Alerts: Write'.

PARAMETERS

Name Type Description Min Max Allowed Pipeline PipelineByName
Name String Action to perform add_tag
append_comment
assign_to_name
assign_to_user_id
assign_to_uuid
remove_tag
remove_tags_by_prefix
show_in_ui
unassign
update_status
Value String Value for the chosen action
Action Hashtable[] One or more hashtables defining multiple name/value pairs
IncludeHidden Boolean Include hidden alerts when performing action [default: $true]
Id String[] Alert identifier X X

SYNTAX

Invoke-FalconAlertAction [-Name] <String> [[-Value] <String>] [[-IncludeHidden] <Boolean>] [-Id] <String[]> [-WhatIf] [-Confirm] [<CommonParameters>]
Invoke-FalconAlertAction [-Action] <Hashtable[]> [[-IncludeHidden] <Boolean>] [-Id] <String[]> [-WhatIf] [-Confirm] [<CommonParameters>]

REFERENCE

Endpoints

PATCH /alerts/entities/alerts/v3

falconpy

PatchEntitiesAlertsV3

USAGE

2024-09-03: PSFalcon v2.2.7

Clone this wiki locally