2.2.4 #268
Merged
2.2.4 #268
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Added `All` and `Total` parameters to `Get-FalconUser`
Added maximum of 100 ids per "detailed" request
Updated parameter descriptions
…. Added filter to ensure that LinuxArm64 builds were only being checked when they were using tagged versions.
Moved `ValueFromPipeline` after `ValueFromPipelineByPropertyName` whenever they were both present, since PowerShell seems to process them sequentially.
Changed "Include" code to be more like existing commands.
Added 'IncludeRelations' parameter
Added `State` parameter to `Get-FalconHorizonIoaEvent` and `Get-FalconHorizonIoaUser` Renamed parameter `UserIds` to `UserId` (with `UserIds` alias) for `Get-FalconHorizonIoaEvent`
Updated `DetectionId` and `IncidentId` to submit as hashtables with `id` property, rather than an array of string values, for `Edit-FalconCompleteCase` and `New-FalconCompleteCase`
Added 'ContentFormat' and 'TriggerMatchless' parameters.
Added commands: Get-FalconIocAction, Get-FalconIocPlatform, Get-FalconIocSeverity, Get-FalconIocType Added `FromParent` parameter to: Edit-FalconIoc, Get-FalconIoc, Remove-FalconIoc Set registered argument completers for parameters 'Type', 'Action', 'Platform' and 'Severity' for 'Edit-FalconIoc' and 'New-FalconIoc'
Created 'Get-FalconDiscoverAwsScript'
## Add-FalconRole * Removed deprecated endpoint '/user-roles/entities/user-roles/v1:post'. This command now uses the '/user-management/entities/user-role-actions/v1:post' endpoint exclusively (using 'action: grant'). * Changed parameter positions and removed pipeline support for 'Id'. * 'Cid' is now a required parameter due to the endpoint change. 'Cid' is included in a 'Get-FalconUser -Detailed' result. ## Get-FalconRole * Added error message when a user attempts to pipeline a detailed 'Get-FalconUser' result to 'Get-FalconRole'. * Added auto-complete for 'Id' using list of roles from authorized CID. ## Get-FalconUser * Added 'All' and 'Total' parameters. These were mistakenly missed in the 2.2.3 release. * Added maximum of 100 user ids per 'detailed' request. ## Remove-FalconRole * Removed deprecated endpoint '/user-roles/entities/user-roles/v1:delete'. This command now uses the '/user-management/entities/user-role-actions/v1:post' endpoint exclusively (using 'action: revoke'). * Changed parameter positions and removed pipeline support for 'Id'. * 'Cid' is now a required parameter due to the endpoint change. 'Cid' is included in a 'Get-FalconUser -Detailed' result.
Added commands 'Get-FalconDiscoverAwsLink' and 'Receive-FalconDiscoverAwsScript'. ## Get-FalconDiscoverAwsAccount * Updated to use new v2 endpoint. * Because the v2 endpoint no longer includes them, 'Filter' and 'Sort' have been removed from available parameters, but 'Migrated', 'OrganizationId' and 'ScanType' have been added. * 'Detailed' has been removed because a single call now includes details. ## New-FalconDiscoverAwsAccount * Updated to use new '/cloud-connect-aws/entities/account/v2:post' endpoint. Parameters have changed to match new endpoint. ## Remove-FalconDiscoverAwsAccount * Updated to use new '/cloud-connect-aws/entities/account/v2:delete' endpoint. Parameters have changed to match new endpoint.
Added 'Partial' and 'Include' parameters to 'Find-FalconHostname'
Edited warning message for 'Find-FalconHostname' to be more accurate with how partial hostname searches work
## Edit-FalconFirewallGroup * Added 'Validate' parameter to utilize new '/fwmgr/entities/rule-groups/validation/v1:patch' endpoint. ## Edit-FalconFirewallSetting * Updated to use new '/fwmgr/entities/policies/v2:put' endpoint. ## New-FalconFirewallGroup * Added 'Validate' parameter to utilize new '/fwmgr/entities/rule-groups/validation/v1:post' endpoint. * Added 'Platform' parameter, with auto-complete using 'Get-FalconFirewallPlatform' for available values.
Updated 'New-FalconIoaExclusion' to remove 'all' when provided under 'GroupId' (which works for 'New-FalconMlExclusion' and 'New-FalconSvExclusion', but not 'New-FalconIoaExclusion').
Updated 'Send-FalconCompleteAttachment' when verify filename, and also to ensure that filesize is less than 15MB.
Changed platform_name values to lowercase to better support script designed to update json from documentation
Modified 'Get-FalconMalQueryQuota' to prevent an error message about client permissions when using '-WhatIf'.
Modified 'Get-FalconSubmissionQuota' to prevent an error message about client permissions when using '-WhatIf'.
Modified 'Get-FalconQuickScanQuota' to prevent an error message about client permissions when using '-WhatIf'.
Added 'ShouldProcess' message to notify when user will be prompted for API Client information when using '-WhatIf' on a command without having an active authorization token.
Modified to prevent errors when 'Remove-FalconToken' is used without a valid authorization token present.
Added 'ShouldProcess' message to prevent errors when using 'Edit-FalconFirewallGroup' and 'Edit-FalconFirewallSetting' with 'WhatIf'.
Added 'ShouldProcess' message to prevent errors when testing the 'Copy-Falcon...Policy' commands with 'WhatIf' and dummy data
Added 'ShouldProcess' message to prevent errors when using 'WhatIf' with dummy data
Added 'ShouldProcess' message to prevent error when using dummy data
Added a forced 'HostTimeout' value (timeout minus 5 seconds, with a default timeout of 30) to 'Invoke-FalconRtr' and 'Invoke-FalconDeploy' to ensure that multi-host sessions are used when single hosts are provided.
Added the 'Mitre' switch (with accompanying 'Format') to retrieve Mitre ATT&CK information for a given actor id.
This reverts commit 5c57c1c.
Added 'Get-FalconAttck'. Added 'Include' parameter to 'Get-FalconActor' to allow the addition of 'tactic_and_technique' results from 'Get-FalconAttck'.
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
2.2.4
2.2.4 release
Issues resolved
#255
#256
#260
#263
#266