Get FalconFileVantageChange - CrowdStrike/psfalcon GitHub Wiki
Search for Falcon FileVantage changes
Requires 'Falcon FileVantage: Read'.
| Name | Type | Description | Min | Max | Allowed | Pipeline | PipelineByName |
|---|---|---|---|---|---|---|---|
| Id | String[] | FileVantage change identifier | X | X | |||
| Filter | String |
Falcon Query Language expression to limit resultsaction_timestampingestion_timestamphost.nameseverity
|
|||||
| Sort | String | Property and direction to sort results |
action_timestamp|ascaction_timestamp|descingestion_timestamp|ascingestion_timestamp|desc
|
||||
| Limit | Int32 | Maximum number of results per request | 1 |
5000 |
|||
| After | String | Pagination token to retrieve the next set of results | |||||
| Detailed | Switch | Retrieve detailed information | |||||
| All | Switch | Repeat requests until all available results are retrieved | |||||
| Total | Switch | Display total result count instead of results |
Get-FalconFileVantageChange [[-Filter] <String>] [[-Sort] <String>] [[-Limit] <Int32>] [-After <String>] [-Detailed] [-All] [-Total] [-WhatIf] [-Confirm] [<CommonParameters>]Get-FalconFileVantageChange -Id <String[]> [-WhatIf] [-Confirm] [<CommonParameters>]GET /filevantage/entities/changes/v2
GET /filevantage/queries/changes/v3
highVolumeQueryChanges
getChanges
2024-01-24: PSFalcon v2.2.6
