Get FalconIocHost - CrowdStrike/psfalcon GitHub Wiki
Search for hosts that have observed a custom indicator
Requires 'IOCs: Read'.
| Name | Type | Description | Min | Max | Allowed | Pipeline | PipelineByName |
|---|---|---|---|---|---|---|---|
| Type | String | Indicator type |
domainipv4ipv6md5sha256
|
X | |||
| Value | String | Indicator value | X | ||||
| Limit | String | Maximum number of results per request | 1 |
100 |
|||
| Offset | Int32 | Position to begin retrieving results | |||||
| All | Switch | Repeat requests until all available results are retrieved | |||||
| Total | Switch | Display the total result count instead of results |
Get-FalconIocHost [-Type] <String> [-Value] <String> [[-Limit] <String>] [-Offset <Int32>] [-All] [-WhatIf] [-Confirm] [<CommonParameters>]Get-FalconIocHost [-Type] <String> [-Value] <String> -Total [-WhatIf] [-Confirm] [<CommonParameters>]GET /indicators/queries/devices/v1
GET /iocs/aggregates/indicators/device-count/v1
DevicesRanOn
indicator_get_device_count_v1
Get-FalconIocHost -Type <string> -Value <string> -TotalGet-FalconIocHost -Type <string> -Value <string>2024-09-03: PSFalcon v2.2.7
