Skip to content

Send FalconSample

bk-cs edited this page Oct 20, 2022 · 20 revisions

Send-FalconSample

SYNOPSIS

Upload a sample file

DESCRIPTION

A successful upload will provide a 'sha256' value that can be used in submissions to the Falcon Sandbox or Falcon QuickScan.

Maximum file size is 256MB. ZIP archives will automatically redirect to the archive submission API.

Requires 'Sample Uploads: Write'.

PARAMETERS

Name Type Min Max Allowed Pipeline PipelineByName Description
IsConfidential Boolean Prohibit sample from being displayed in MalQuery [default: True]
Comment String Sample comment
FileName String X File name
Path String X Path to local file

SYNTAX

Send-FalconSample [[-IsConfidential] <Boolean>] [[-Comment] <String>] [[-FileName] <String>] -Path <String> [-WhatIf] [-Confirm] [<CommonParameters>]

USAGE

Upload a sample

Send-FalconSample -Path C:\virus.exe -Filename virus.exe -Comment 'bad file'

Upload a directory of samples

Get-ChildItem -Path C:\samples -File | Send-FalconSample

See New-FalconQuickScan.

See New-FalconSubmission.

2022-10-20: PSFalcon v2.2.3

Clone this wiki locally