CrowdStrike Spotlight PSFalcon - Vendor Advisory is Blank #332
kpoznanski5
started this conversation in
General
Replies: 3 comments
-
In my testing on US-1, I also see most vulnerabilities not including |
Beta Was this translation helpful? Give feedback.
0 replies
-
Hello,
I am sorry to bother you all the time.
I got this error message today when running the Get-FalconVulnerability sample PowerShell script using PSFalcon 2.2.4. The server I was running it on is Windows Server 2016.
The PS was being executed via SQL Agent job.
It ran for 166,400 rows and it errored out.
This is the first time I have encountered this error.
Message
Executed as user: NT Service\SQLSERVERAGENT. Write-Result : [{"code":500,"message":"Internal Server Error: Please provide trace-id=\u0027aeaeb7a8-7456-4330-a377-f8783e724abb\u0027 to support"}] At F:\CrowdstrikeVM\script\psfalcon-2.2.4\Private\Private.ps1:620 char:17 + Write-Result $Object + ~~~~~~~~~~~~~~~~~~~~ + CategoryInfo : InvalidResult: (System.Threadin...esponseMessage]:Task`1) [Write-Result], Exception + FullyQualifiedErrorId : aeaeb7a8-7456-4330-a377-f8783e724abb,Write-Result. Process Exit Code 0. The step succeeded.
I wonder if you would have any suggestions on what the issue is and how to correct it.
Thank you.
Kris
|
Beta Was this translation helpful? Give feedback.
0 replies
-
Unfortunately that's a non-specific error. I recommend opening a ticket with CrowdStrike support with the |
Beta Was this translation helpful? Give feedback.
0 replies
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
-
Hello,
I am using PSFalcon 2.2.4 to import data from Spotlight.
I am getting majority of blanks when extracting Vendor Advisory URLs.
I am using the example code for "Get-FalconVulnerability @param | ForEach-Object {..." posted here.
Data request is being made to -Cloud eu-1
The line in PowerShell to retrieve the 'Vendor Advisory' field looks like this:
'Vendor Advisory' = $_.remediation.entities.vendor_url
We have checked one sample via UI (CrowdStrike Console) and it looked like vendor advisory for that specific CVE was present.
Any suggestions?
Greatly appreciate your assistance in resolving this issue.
Thank you.
Kris
Beta Was this translation helpful? Give feedback.
All reactions