Retrieve packages identified by the provided filter criteria
Passing credentials
WARNING
client_id and client_secret are keyword arguments that contain your CrowdStrike API credentials. Please note that all examples below do not hard code these values. (These values are ingested as strings.)
CrowdStrike does not recommend hard coding API credentials or customer identifiers within source code.
ReadPackagesCountByZeroDay
Retrieve packages count affected by zero day vulnerabilities
Filter packages using a query in Falcon Query Language (FQL). Supported filters: cid
parameters
query
dictionary
Full query string parameters payload in JSON format. Not required if using other keywords.
Usage
Service class example (PEP8 syntax)
fromfalconpyimportContainerPackages# Do not hardcode API credentials!falcon=ContainerPackages(client_id=CLIENT_ID,
client_secret=CLIENT_SECRET
)
response=falcon.read_zero_day_counts(filter="string")
print(response)
Service class example (Operation ID syntax)
fromfalconpyimportContainerPackages# Do not hardcode API credentials!falcon=ContainerPackages(client_id=CLIENT_ID,
client_secret=CLIENT_SECRET
)
response=falcon.ReadPackagesCountByZeroDay(filter="string")
print(response)
Uber class example
fromfalconpyimportAPIHarnessV2# Do not hardcode API credentials!falcon=APIHarnessV2(client_id=CLIENT_ID,
client_secret=CLIENT_SECRET
)
response=falcon.command("ReadPackagesCountByZeroDay", filter="string")
print(response)
ReadPackagesByFixableVulnCount
Retrieve top x app packages with the most fixable vulnerabilities
Filter packages using a query in Falcon Query Language (FQL). Supported filters: cid,container_id,cveid,fix_status,image_digest,license,package_name_version,severity,type,vulnerability_count
limit
query
integer
The upper-bound on the number of records to retrieve.
offset
query
integer
The offset from where to begin.
parameters
query
dictionary
Full query string parameters payload in JSON format. Not required if using other keywords.
Usage
Service class example (PEP8 syntax)
fromfalconpyimportContainerPackages# Do not hardcode API credentials!falcon=ContainerPackages(client_id=CLIENT_ID,
client_secret=CLIENT_SECRET
)
response=falcon.read_fixable_vuln_count(filter="string",
limit=integer,
offset=integer
)
print(response)
Service class example (Operation ID syntax)
fromfalconpyimportContainerPackages# Do not hardcode API credentials!falcon=ContainerPackages(client_id=CLIENT_ID,
client_secret=CLIENT_SECRET
)
response=falcon.ReadPackagesByFixableVulnCount(filter="string",
limit=integer,
offset=integer
)
print(response)
Uber class example
fromfalconpyimportAPIHarnessV2# Do not hardcode API credentials!falcon=APIHarnessV2(client_id=CLIENT_ID,
client_secret=CLIENT_SECRET
)
response=falcon.command("ReadPackagesByFixableVulnCount",
filter="string",
limit=integer,
offset=integer
)
print(response)
ReadPackagesByVulnCount
Retrieve top x packages with the most vulnerabilities
Filter packages using a query in Falcon Query Language (FQL). Supported filters: cid,container_id,cveid,fix_status,image_digest,license,package_name_version,severity,type,vulnerability_count
limit
query
integer
The upper-bound on the number of records to retrieve.
offset
query
integer
The offset from where to begin.
parameters
query
dictionary
Full query string parameters payload in JSON format. Not required if using other keywords.
Usage
Service class example (PEP8 syntax)
fromfalconpyimportContainerPackages# Do not hardcode API credentials!falcon=ContainerPackages(client_id=CLIENT_ID,
client_secret=CLIENT_SECRET
)
response=falcon.read_vuln_count(filter="string",
limit=integer,
offset=integer
)
print(response)
Service class example (Operation ID syntax)
fromfalconpyimportContainerPackages# Do not hardcode API credentials!falcon=ContainerPackages(client_id=CLIENT_ID,
client_secret=CLIENT_SECRET
)
response=falcon.ReadPackagesByVulnCount(filter="string",
limit=integer,
offset=integer
)
print(response)
Uber class example
fromfalconpyimportAPIHarnessV2# Do not hardcode API credentials!falcon=APIHarnessV2(client_id=CLIENT_ID,
client_secret=CLIENT_SECRET
)
response=falcon.command("ReadPackagesByVulnCount",
filter="string",
limit=integer,
offset=integer
)
print(response)
ReadPackagesCombinedExport
Retrieve packages identified by the provided filter criteria for the purpose of export
PEP8 method name
read_combined_export
Endpoint
Method
Route
/container-security/combined/packages/export/v1
Required Scope
Content-Type
Produces: application/json
Keyword Arguments
Name
Service
Uber
Type
Data type
Description
filter
query
string
Filter packages using a query in Falcon Query Language (FQL). Supported filters: cid,container_id,cveid,fix_status,image_digest,license,package_name_version,severity,type,vulnerability_count
only_zero_day_affected
query
boolean
(true/false) load zero day affected packages, default is false
limit
query
integer
The upper-bound on the number of records to retrieve.
offset
query
integer
The offset from where to begin.
parameters
query
dictionary
Full query string parameters payload in JSON format. Not required if using other keywords.
sort
query
string
The fields to sort the records on. Supported columns: [license package_name_version type]
Usage
Service class example (PEP8 syntax)
fromfalconpyimportContainerPackages# Do not hardcode API credentials!falcon=ContainerPackages(client_id=CLIENT_ID,
client_secret=CLIENT_SECRET
)
response=falcon.read_combined_export(filter="string",
only_zero_day_affected=boolean,
limit=integer,
offset=integer,
sort="string"
)
print(response)
Service class example (Operation ID syntax)
fromfalconpyimportContainerPackages# Do not hardcode API credentials!falcon=ContainerPackages(client_id=CLIENT_ID,
client_secret=CLIENT_SECRET
)
response=falcon.ReadPackagesCombinedExport(filter="string",
only_zero_day_affected=boolean,
limit=integer,
offset=integer,
sort="string"
)
print(response)
Uber class example
fromfalconpyimportAPIHarnessV2# Do not hardcode API credentials!falcon=APIHarnessV2(client_id=CLIENT_ID,
client_secret=CLIENT_SECRET
)
response=falcon.command("ReadPackagesCombinedExport",
filter="string",
only_zero_day_affected=boolean,
limit=integer,
offset=integer,
sort="string"
)
print(response)
ReadPackagesCombined
Retrieve packages identified by the provided filter criteria
PEP8 method name
read_combined
Endpoint
Method
Route
/container-security/combined/packages/v1
Required Scope
Content-Type
Produces: application/json
Keyword Arguments
Name
Service
Uber
Type
Data type
Description
filter
query
string
Filter packages using a query in Falcon Query Language (FQL). Supported filters: cid,container_id,cveid,fix_status,image_digest,license,package_name_version,severity,type,vulnerability_count
only_zero_day_affected
query
boolean
(true/false) load zero day affected packages, default is false
limit
query
integer
The upper-bound on the number of records to retrieve.
offset
query
integer
The offset from where to begin.
parameters
query
dictionary
Full query string parameters payload in JSON format. Not required if using other keywords.
sort
query
string
The fields to sort the records on. Supported columns: [license package_name_version type]
Usage
Service class example (PEP8 syntax)
fromfalconpyimportContainerPackages# Do not hardcode API credentials!falcon=ContainerPackages(client_id=CLIENT_ID,
client_secret=CLIENT_SECRET
)
response=falcon.read_combined(filter="string",
only_zero_day_affected=boolean,
limit=integer,
offset=integer,
sort="string"
)
print(response)
Service class example (Operation ID syntax)
fromfalconpyimportContainerPackages# Do not hardcode API credentials!falcon=ContainerPackages(client_id=CLIENT_ID,
client_secret=CLIENT_SECRET
)
response=falcon.ReadPackagesCombined(filter="string",
only_zero_day_affected=boolean,
limit=integer,
offset=integer,
sort="string"
)
print(response)
Uber class example
fromfalconpyimportAPIHarnessV2# Do not hardcode API credentials!falcon=APIHarnessV2(client_id=CLIENT_ID,
client_secret=CLIENT_SECRET
)
response=falcon.command("ReadPackagesCombined",
filter="string",
only_zero_day_affected=boolean,
limit=integer,
offset=integer,
sort="string"
)
print(response)