
Get FalconScan

bk-cs edited this page Sep 4, 2024 · 5 revisions

Get-FalconScan

SYNOPSIS

Search for on-demand or scheduled scan results

DESCRIPTION

Requires 'On-demand scans (ODS): Read'.

PARAMETERS

| Name | Type | Description | Min | Max | Allowed | Pipeline | PipelineByName |
|---|---|---|---|---|---|---|---|
| Id | String[] | Scan result identifier | | | | X | X |
| Filter | String | Falcon Query Language expression to limit results | | | (listed below) | | |
| Sort | String | Property and direction to sort results | | | (listed below) | | |
| Limit | Int32 | Maximum number of results per request | 1 | 500 | | | |
| Include | String[] | Include additional properties | | | scan_file | | |
| Offset | Int32 | Position to begin retrieving results | | | | | |
| Detailed | Switch | Retrieve detailed information | | | | | |
| All | Switch | Repeat requests until all available results are retrieved | | | | | |
| Total | Switch | Display total result count instead of results | | | | | |

Allowed (Filter):

id
profile_id
description.keyword
initiated_from
filecount.scanned
filecount.malicious
filecount.quarantined
filecount.skipped
affected_hosts_count
status
severity
scan_started_on
scan_completed_on
created_on
created_by
last_updated
targeted_host_count
missing_host_count

Allowed (Sort):

id|asc
id|desc
initiated_from|asc
initiated_from|desc
description.keyword|asc
description.keyword|desc
filecount.scanned|asc
filecount.scanned|desc
filecount.malicious|asc
filecount.malicious|desc
filecount.quarantined|asc
filecount.quarantined|desc
filecount.skipped|asc
filecount.skipped|desc
affected_hosts_count|asc
affected_hosts_count|desc
status|asc
status|desc
severity|asc
severity|desc
scan_started_on|asc
scan_started_on|desc
scan_completed_on|asc
scan_completed_on|desc
created_on|asc
created_on|desc
created_by|asc
created_by|desc
last_updated|asc
last_updated|desc

SYNTAX

Get-FalconScan [[-Filter] <String>] [[-Sort] <String>] [[-Limit] <Int32>] [[-Include] <String[]>] [-Offset <Int32>] [-Detailed] [-All] [-Total] [-WhatIf] [-Confirm] [<CommonParameters>]
Get-FalconScan -Id <String[]> [-WhatIf] [-Confirm] [<CommonParameters>]

REFERENCE

Endpoints

GET /ods/entities/scans/v2
GET /ods/queries/scans/v1

falconpy

query_scans
get_scans_by_scan_ids_v2

USAGE

2024-09-03: PSFalcon v2.2.7
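
The following is an added example, not taken from the PSFalcon wiki: it combines the Filter, Sort, Total, Detailed and All parameters documented above to triage scans that found malicious files. The environment variable names, the output file name, and the assumption that detailed results expose the same property names as the Filter list (with `filecount` as a nested object) are illustrative and not confirmed by this page.

```powershell
# Added example (not part of the PSFalcon wiki).
# Requires the PSFalcon module and an API client with 'On-demand scans (ODS): Read'.
Import-Module PSFalcon

# Assumption: API credentials are supplied through these hypothetical environment variables.
Request-FalconToken -ClientId $env:FALCON_CLIENT_ID -ClientSecret $env:FALCON_CLIENT_SECRET

# FQL expression built only from properties in the Filter list above.
$Filter = 'filecount.malicious:>0'

# -Total returns the number of matches without retrieving the results themselves.
$Count = Get-FalconScan -Filter $Filter -Total
Write-Host "Scans reporting malicious files: $Count"

if ($Count -gt 0) {
    # -Detailed returns full scan records instead of identifiers;
    # -All repeats requests (500 per request, the documented Max) until everything is retrieved.
    $Scans = Get-FalconScan -Filter $Filter -Sort 'scan_completed_on|desc' -Limit 500 -Detailed -All

    # Assumption: detailed results use the same property names as the Filter list,
    # with the filecount.* values nested under a 'filecount' object.
    $Summary = $Scans | Select-Object id, status, severity, initiated_from, scan_completed_on,
        affected_hosts_count,
        @{ Name = 'malicious';   Expression = { [int]$_.filecount.malicious } },
        @{ Name = 'quarantined'; Expression = { [int]$_.filecount.quarantined } }

    # Scans where fewer files were quarantined than were flagged need manual follow-up.
    $Unresolved = $Summary | Where-Object { $_.quarantined -lt $_.malicious }
    Write-Host "Scans with malicious files left unquarantined: $(@($Unresolved).Count)"

    # Constructed output path; adjust as needed.
    $Summary | Export-Csv -Path .\ods-malicious-scans.csv -NoTypeInformation
}
```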
