Expand FalconSampleArchive - CrowdStrike/psfalcon GitHub Wiki
Extract files from an uploaded sample archive to make them available for analysis.
Use the returned 'id' with 'Get-FalconSampleExtraction' to retrieve extraction status.
Requires 'Sample uploads: Write'.
| Name | Type | Description | Min | Max | Allowed | Pipeline | PipelineByName |
|---|---|---|---|---|---|---|---|
| ExtractAll | Boolean | Extract all files from sample [default: True] | |||||
| File | Object[] | Object(s) containing 'name', 'comment', and 'is_confidential' for uniquely handling individual files | |||||
| Id | String | Sample archive identifier | X | X |
Expand-FalconSampleArchive [[-ExtractAll] <Boolean>] [[-File] <Object[]>] [-Id] <String> [-WhatIf] [-Confirm] [<CommonParameters>]POST /archives/entities/extractions/v1
2023-04-25: PSFalcon v2.2.5
