Get FalconThreatGraphIndicator

Get-FalconThreatGraphIndicator

SYNOPSIS

Search the Falcon ThreatGraph for indicators seen by hosts

DESCRIPTION

Requires 'Threatgraph: Read'.

PARAMETERS

Name	Type	Description	Min	Max	Allowed
Type	String	Indicator type			`domain` `ipv4` `ipv6` `md5` `sha1` `sha256`
Value	String	Indicator value
Nano	Boolean	Return nano-precision entity timestamps
Limit	Int32	Maximum number of results per request [default: 100]	`1`	`100`
Offset	String	Position to begin retrieving results
All	Switch	Repeat requests until all available results are retrieved
Total	Switch	Display total result count instead of results

SYNTAX

Get-FalconThreatGraphIndicator [-Type] <String> [-Value] <String> [[-Nano] <Boolean>] [[-Limit] <Int32>] [-Offset <String>] [-All] [-Total] [-WhatIf] [-Confirm] [<CommonParameters>]

REFERENCE

Endpoints

GET /threatgraph/combined/ran-on/v1

falconpy

combined_ran_on_get

USAGE

2024-09-03: PSFalcon v2.2.7

Using PSFalcon
Commands and Permissions
Examples
- Code Examples
- Samples
CrowdStrike SDKs
- PSFalcon - PowerShell
- FalconPy - Python 3
- goFalcon - Go
- Rusty Falcon - Rust

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Get FalconThreatGraphIndicator

Get-FalconThreatGraphIndicator

SYNOPSIS

DESCRIPTION

PARAMETERS

SYNTAX

REFERENCE

Endpoints

falconpy

USAGE

Clone this wiki locally