Bots From Extension: crowdstrike
Crowdstrike - Collect inventory information from Crowdstrike
This extension provides 6 bots.
Bot @crowdstrike:alerts
Bot Position In Pipeline: Sink
Get alert IDs from Crowdstrike.
This bot expects a Restricted CFXQL.
Each parameter may be specified using the '=' operator, and parameters may be combined with the AND logical operation.
The following parameters are expected for this bot:
Parameter Name | Type | Default Value | Description |
---|---|---|---|
column_name* | Text | | Column Name which contains IP Addresses |
concurrent_discovery | Text | 10 | Number of concurrent jobs to run |
tag | Text | | Falcon Group tag. |
Bot @crowdstrike:behavior-data
Bot Position In Pipeline: Sink
Get all behaviors data from Crowdstrike.
This bot expects a Restricted CFXQL.
Each parameter may be specified using the '=' operator, and parameters may be combined with the AND logical operation.
The following parameters are expected for this bot:
Parameter Name | Type | Default Value | Description |
---|---|---|---|
column_name* | Text | | Column Name which contains IP Addresses |
concurrent_discovery | Text | 10 | Number of concurrent jobs to run |
Bot @crowdstrike:detect-data
Bot Position In Pipeline: Sink
Get all detects data from Crowdstrike.
This bot expects a Restricted CFXQL.
Each parameter may be specified using the '=' operator, and parameters may be combined with the AND logical operation.
The following parameters are expected for this bot:
Parameter Name | Type | Default Value | Description |
---|---|---|---|
column_name* | Text | | Column Name which contains IP Addresses |
concurrent_discovery | Text | 10 | Number of concurrent jobs to run |
Bot @crowdstrike:host-data
Bot Position In Pipeline: Sink
Get all hosts data from Crowdstrike.
This bot expects a Restricted CFXQL.
Each parameter may be specified using the '=' operator, and parameters may be combined with the AND logical operation.
The following parameters are expected for this bot:
Parameter Name | Type | Default Value | Description |
---|---|---|---|
column_name* | Text | | Column Name which contains IP Addresses |
concurrent_discovery | Text | 10 | Number of concurrent jobs to run |
tag | Text | | Falcon Group tag. |
Bot @crowdstrike:incident-data
Bot Position In Pipeline: Sink
Get all incidents data from Crowdstrike.
This bot expects a Restricted CFXQL.
Each parameter may be specified using the '=' operator, and parameters may be combined with the AND logical operation.
The following parameters are expected for this bot:
Parameter Name | Type | Default Value | Description |
---|---|---|---|
column_name* | Text | | Column Name which contains IP Addresses |
concurrent_discovery | Text | 10 | Number of concurrent jobs to run |
Bot @crowdstrike:query-device-data
Bot Position In Pipeline: Sink
Get all query hosts data from Crowdstrike.
This bot expects a Restricted CFXQL.
Each parameter may be specified using the '=' operator, and parameters may be combined with the AND logical operation.
The following parameters are expected for this bot:
Parameter Name | Type | Default Value | Description |
---|---|---|---|
column_name* | Text | | Column Name which contains IP Addresses |
concurrent_discovery | Text | 10 | Number of concurrent jobs to run |
tag | Text | | Falcon Group tag. |