-
Notifications
You must be signed in to change notification settings - Fork 69
Home
bk-cs edited this page Mar 10, 2022
·
111 revisions
- Downloading and installing the module using the PowerShell Gallery or GitHub
- Upgrading the module
- Removing the module
- Importing into PowerShell
- Finding commands
- Using parameters and dealing with pagination handling
- Converting output
- Requesting and revoking OAuth2 access tokens, switching cloud environments and child CIDs
- Verifying access token status
- Securing credentials
Individual commands and their required permissions are listed in the "Commands and Permissions" section, aligning with how they are displayed in the CrowdStrike Falcon API documentation. A few additional pages are included that cover PSFalcon-specific examples.
- Export configured items, then restore or re-create them
- Example code to help with building scripts using PowerShell and PSFalcon
- Basic Scripts designed to fulfill various goals using PSFalcon
- Using PSFalcon
-
Commands and Permissions
- Configuration Import/Export
- Container Security
- Detection and Prevention Policies
- Discover for Cloud and Containers
- Discover
- Event Streams
- Falcon Complete Dashboards
- Falcon Complete Message Center
- Falcon Data Replicator
- Falcon Intelligence
- Falcon Intelligence Recon
- Falcon OverWatch Dashboards
- Falcon Sandbox
- FileVantage
- Firewall Management
- Flight Control
- Horizon
- Host and Host Group Management
- Identity Protection
- Image Assessment
- Incident and Detection Monitoring
- Installation Tokens
- Kubernetes Protection
- MalQuery
- Mobile Host Enrollment
- On-Demand Scanning
- Quarantine
- Real-time Response
- Real-time Response Policy
- Scheduled Reports and Searches
- Sensor Download
- Sensor Update Policy
- Spotlight
- Tailored Intelligence
- Third-party ingestion
- USB Device Control Policy
- Users and Roles
- Zero Trust Assessment
- Examples
-
CrowdStrike SDKs
- PSFalcon - PowerShell
- FalconPy - Python 3
- goFalcon - Go
- Rusty Falcon - Rust