-
Notifications
You must be signed in to change notification settings - Fork 67
ConvertTo FalconFirewallRule
bk-cs edited this page Apr 28, 2023
·
3 revisions
Convert firewall rules to be compatible with Falcon Firewall Management
Ensures that an object (either from the pipeline, or via CSV import) has the required properties to be accepted as a valid Falcon Firewall Management rule.
Rules that contain both IPv4 and IPv6 addresses will generate errors, along with any rules that are missing the required properties defined by the 'Map' parameter.
Converted rules used with 'New-FalconFirewallGroup' to create groups containing newly converted rules.
Name | Type | Description | Min | Max | Allowed | Pipeline | PipelineByName |
---|---|---|---|---|---|---|---|
Map | Hashtable | A hashtable containing the following keys with the corresponding CSV column or rule property as the value Required: action, description, direction, enabled, local_address, local_port, name, remote_address, remote_port Optional: image_name, network_location, service_name |
|||||
Path | String | Path to a CSV file containing rules to convert | |||||
Object | Object | An existing rule object to convert | X |
ConvertTo-FalconFirewallRule [-Map] <Hashtable> [-Path] <String> [<CommonParameters>]
ConvertTo-FalconFirewallRule [-Map] <Hashtable> -Object <Object> [<CommonParameters>]
2023-04-25: PSFalcon v2.2.5
- Using PSFalcon
-
Commands and Permissions
- Configuration Import/Export
- Container Security
- Detection and Prevention Policies
- Discover for Cloud and Containers
- Discover
- Event Streams
- Falcon Complete Dashboards
- Falcon Complete Message Center
- Falcon Data Replicator
- Falcon Intelligence
- Falcon Intelligence Recon
- Falcon OverWatch Dashboards
- Falcon Sandbox
- FileVantage
- Firewall Management
- Flight Control
- Horizon
- Host and Host Group Management
- Identity Protection
- Image Assessment
- Incident and Detection Monitoring
- Installation Tokens
- Kubernetes Protection
- MalQuery
- Mobile Host Enrollment
- On-Demand Scanning
- Quarantine
- Real-time Response
- Real-time Response Policy
- Scheduled Reports and Searches
- Sensor Download
- Sensor Update Policy
- Spotlight
- Tailored Intelligence
- Third-party ingestion
- USB Device Control Policy
- Users and Roles
- Zero Trust Assessment
- Examples
-
CrowdStrike SDKs
- PSFalcon - PowerShell
- FalconPy - Python 3
- goFalcon - Go
- Rusty Falcon - Rust