Get FalconHorizonIom - CrowdStrike/psfalcon GitHub Wiki
Search for Falcon Horizon Indicators of Misconfiguration
Requires 'CSPM registration: Read'.
Name | Type | Description | Min | Max | Allowed | Pipeline | PipelineByName |
---|---|---|---|---|---|---|---|
Id | String[] | Horizon Indicator of Misconfiguration identifier | X | X | |||
Filter | String |
Falcon Query Language expression to limit resultsaccount_id account_name agent_id attack_types azure_subscription_id cloud_provider cloud_service_keyword custom_policy_id is_managed policy_id policy_type region resource_id scan_time severity severity_string status use_current_scan_ids
|
|||||
Sort | String | Property and direction to sort results |
account_name.asc account_name.desc account_id.asc account_id.desc attack_types.asc attack_types.desc azure_subscription_id.asc azure_subscription_id.desc cloud_provider.asc cloud_provider.desc cloud_service_keyword.asc cloud_service_keyword.desc status.asc status.desc is_managed.asc is_managed.desc policy_id.asc policy_id.desc policy_type.asc policy_type.desc resource_id.asc resource_id.desc region.asc region.desc scan_time.asc scan_time.desc severity.asc severity.desc severity_string.asc severity_string.desc timestamp.asc timestamp.desc
|
||||
Limit | Int32 | Maximum number of results per request | 1 |
1000 |
|||
Offset | Int32 | Position to begin retrieving results | |||||
NextToken | String | Pagination token to retrieve the next set of results | |||||
Detailed | Switch | Retrieve detailed information | |||||
All | Switch | Repeat requests until all available results are retrieved | |||||
Total | Switch | Display total result count instead of results |
Get-FalconHorizonIom [[-Filter] <String>] [[-Sort] <String>] [[-Limit] <Int32>] [-Offset <Int32>] [-NextToken <String>] [-Detailed] [-All] [-Total] [-WhatIf] [-Confirm] [<CommonParameters>]
Get-FalconHorizonIom -Id <String[]> [-WhatIf] [-Confirm] [<CommonParameters>]
GET /detects/entities/iom/v2
GET /detects/queries/iom/v2
GetConfigurationDetectionIDsV2
GetConfigurationDetectionEntities
Get-FalconHorizonIom -Filter "cloud_provider:'azure'+region:'eastus'+severity=1" [-Detailed] [-All]
2023-11-27: PSFalcon v2.2.6