Get FalconOverWatchEvent - CrowdStrike/psfalcon GitHub Wiki

Get-FalconOverWatchEvent

SYNOPSIS

Retrieve the total number of Falcon OverWatch events across all customers

DESCRIPTION

Requires 'OverWatch Dashboard: Read'.

PARAMETERS

Name Type Description Min Max Allowed Pipeline PipelineByName
Filter String Falcon Query Language expression to limit results

SYNTAX

Get-FalconOverWatchEvent [-Filter] <String> [-WhatIf] [-Confirm] [<CommonParameters>]

REFERENCE

Endpoints

GET /overwatch-dashboards/aggregates/ow-events-global-counts/v1

falconpy

AggregatesOWEventsGlobalCounts

USAGE

Getting the total number of Falcon OverWatch events that occurred across all customers

Get-FalconOverWatchEvent -Filter "total_count:>1"

2023-04-25: PSFalcon v2.2.5

⚠️ **GitHub.com Fallback** ⚠️