Device Content - CrowdStrike/falconpy GitHub Wiki
| Operation ID | Description | ||||
|---|---|---|---|---|---|
|
Retrieve the host content state for a number of ids between 1 and 100. | ||||
|
Query for the content state of the host. | ||||
Retrieve the host content state for a number of IDs between 1 and 100.
get_states
| Method | Route |
|---|---|
 |
/device-content/entities/states/v1 |
- Consumes: application/json
- Produces: application/json
| Name | Service | Uber | Type | Data type | Description |
|---|---|---|---|---|---|
| ids |
 |
|
query | array (string) | The IDs of the devices to fetch the content state of. |
| parameters |
|
|
query | dictionary | Full query string parameters payload in JSON format. Not required if using other keywords. |
from falconpy import DeviceContent
falcon = DeviceContent(client_id=CLIENT_ID,
client_secret=CLIENT_SECRET
)
id_list = 'ID1,ID2,ID3' # Can also pass a list here: ['ID1', 'ID2', 'ID3']
response = falcon.get_states(ids=id_list)
print(response)from falconpy import DeviceContent
falcon = DeviceContent(client_id=CLIENT_ID,
client_secret=CLIENT_SECRET
)
id_list = 'ID1,ID2,ID3' # Can also pass a list here: ['ID1', 'ID2', 'ID3']
response = falcon.entities_states_v1(ids=id_list)
print(response)from falconpy import APIHarnessV2
falcon = APIHarnessV2(client_id=CLIENT_ID,
client_secret=CLIENT_SECRET
)
id_list = 'ID1,ID2,ID3' # Can also pass a list here: ['ID1', 'ID2', 'ID3']
response = falcon.command("entities_states_v1", ids=id_list)
print(response)Query for the content state of the host.
query_states
| Method | Route |
|---|---|
|
/device-content/queries/states/v1 |
- Consumes: application/json
- Produces: application/json
| Name | Service | Uber | Type | Data type | Description |
|---|---|---|---|---|---|
| filter |
|
|
query | string | The FQL search filter. |
| limit |
|
|
query | integer | The max number of resource ids to return. |
| sort |
|
|
query | string | What field to sort the results on. |
| offset |
|
|
query | integer | The offset token returned from the previous query. If none was returned, there are no more pages to the result set. |
| parameters |
|
|
query | dictionary | Full query string parameters payload in JSON format. Not required if using other keywords. |
from falconpy import DeviceContent
falcon = DeviceContent(client_id=CLIENT_ID,
client_secret=CLIENT_SECRET
)
response = falcon.query_states(limit=integer,
sort="string",
offset=integer,
filter="string"
)
print(response)from falconpy import DeviceContent
falcon = DeviceContent(client_id=CLIENT_ID,
client_secret=CLIENT_SECRET
)
response = falcon.queries_states_v1(limit=integer,
sort="string",
offset=integer,
filter="string"
)
print(response)from falconpy import APIHarnessV2
falcon = APIHarnessV2(client_id=CLIENT_ID,
client_secret=CLIENT_SECRET
)
response = falcon.command("queries_states_v1",
limit=integer,
sort="string",
offset=integer,
filter="string"
)
print(response)