Intelligence Indicator Graph - CrowdStrike/falconpy GitHub Wiki
| Operation ID | Description | ||||
|---|---|---|---|---|---|
|
Search indicators based on FQL filter. | ||||
Search indicators based on FQL filter.
search
| Method | Route |
|---|---|
 |
/intelligence/combined/indicators/v1 |
- Produces: application/json
| Name | Service | Uber | Type | Data type | Description |
|---|---|---|---|---|---|
| body |  |
 |
body | dictionary | Full body payload as JSON formatted dictionary. |
| filter | |
 |
body | string | FQL formatted filter. |
| limit | |
|
query | integer | Limit |
| offset | |
|
query | string | Offset |
| parameters | |
|
query | dictionary | Full query parameters payload as a dictionary, not required when using other keywords. |
| sort | |
|
body | dictionary or list of dictionaries | List of sort operations to perform on the resultset. |
from falconpy import IntelligenceIndicatorGraph
falcon = IntelligenceIndicatorGraph(client_id=CLIENT_ID,
client_secret=CLIENT_SECRET
)
sort_order = {
"field": "string",
"order": "string"
}
response = falcon.search(limit=integer, offset="string", filter="string", sort=sort_order)
print(response)from falconpy import IntelligenceIndicatorGraph
falcon = IntelligenceIndicatorGraph(client_id=CLIENT_ID,
client_secret=CLIENT_SECRET
)
sort_order = {
"field": "string",
"order": "string"
}
response = falcon.SearchIndicators(limit=integer,
offset="string",
filter="string",
sort=sort_order
)
print(response)from falconpy import APIHarnessV2
falcon = APIHarnessV2(client_id=CLIENT_ID,
client_secret=CLIENT_SECRET
)
body_payload = {
"filter": "string",
"sort": [
{
"field": "string",
"order": "string"
}
]
}
response = falcon.command("SearchIndicators", limit="string", offset="string", body=body_payload)
print(response)