Device Content - CrowdStrike/falconpy GitHub Wiki
| Operation ID | Description | ||||
|---|---|---|---|---|---|
|
Retrieve the host content state for a number of ids between 1 and 100. | ||||
|
Query for the content state of the host. | ||||
WARNING
client_idandclient_secretare keyword arguments that contain your CrowdStrike API credentials. Please note that all examples below do not hard code these values. (These values are ingested as strings.)CrowdStrike does not recommend hard coding API credentials or customer identifiers within source code.
Retrieve the host content state for a number of IDs between 1 and 100.
get_states
| Method | Route |
|---|---|
 |
/device-content/entities/states/v1 |
- Consumes: application/json
- Produces: application/json
| Name | Service | Uber | Type | Data type | Description |
|---|---|---|---|---|---|
| ids |
 |
|
query | array (string) | The IDs of the devices to fetch the content state of. |
| parameters |
|
|
query | dictionary | Full query string parameters payload in JSON format. Not required if using other keywords. |
from falconpy import DeviceContent
falcon = DeviceContent(client_id=CLIENT_ID,
client_secret=CLIENT_SECRET
)
id_list = 'ID1,ID2,ID3' # Can also pass a list here: ['ID1', 'ID2', 'ID3']
response = falcon.get_states(ids=id_list)
print(response)from falconpy import DeviceContent
falcon = DeviceContent(client_id=CLIENT_ID,
client_secret=CLIENT_SECRET
)
id_list = 'ID1,ID2,ID3' # Can also pass a list here: ['ID1', 'ID2', 'ID3']
response = falcon.entities_states_v1(ids=id_list)
print(response)from falconpy import APIHarnessV2
falcon = APIHarnessV2(client_id=CLIENT_ID,
client_secret=CLIENT_SECRET
)
id_list = 'ID1,ID2,ID3' # Can also pass a list here: ['ID1', 'ID2', 'ID3']
response = falcon.command("entities_states_v1", ids=id_list)
print(response)Query for the content state of the host.
query_states
| Method | Route |
|---|---|
|
/device-content/queries/states/v1 |
- Consumes: application/json
- Produces: application/json
| Name | Service | Uber | Type | Data type | Description |
|---|---|---|---|---|---|
| filter |
|
|
query | string | The FQL search filter. |
| limit |
|
|
query | integer | The max number of resource ids to return. |
| sort |
|
|
query | string | What field to sort the results on. |
| offset |
|
|
query | integer | The offset token returned from the previous query. If none was returned, there are no more pages to the result set. |
| parameters |
|
|
query | dictionary | Full query string parameters payload in JSON format. Not required if using other keywords. |
from falconpy import DeviceContent
falcon = DeviceContent(client_id=CLIENT_ID,
client_secret=CLIENT_SECRET
)
response = falcon.query_states(limit=integer,
sort="string",
offset=integer,
filter="string"
)
print(response)from falconpy import DeviceContent
falcon = DeviceContent(client_id=CLIENT_ID,
client_secret=CLIENT_SECRET
)
response = falcon.queries_states_v1(limit=integer,
sort="string",
offset=integer,
filter="string"
)
print(response)from falconpy import APIHarnessV2
falcon = APIHarnessV2(client_id=CLIENT_ID,
client_secret=CLIENT_SECRET
)
response = falcon.command("queries_states_v1",
limit=integer,
sort="string",
offset=integer,
filter="string"
)
print(response)