Get FalconOverWatchIncident - CrowdStrike/psfalcon GitHub Wiki
Retrieve the total number of Falcon OverWatch incidents across all customers
Requires 'OverWatch Dashboard: Read'.
Name | Type | Description | Min | Max | Allowed | Pipeline | PipelineByName |
---|---|---|---|---|---|---|---|
Filter | String | Falcon Query Language expression to limit results |
Get-FalconOverWatchIncident [-Filter] <String> [-WhatIf] [-Confirm] [<CommonParameters>]
GET /overwatch-dashboards/aggregates/incidents-global-counts/v1
AggregatesIncidentsGlobalCounts
Get-FalconOverWatchIncident -Filter "detect_time:>'now-48h'"
2023-04-25: PSFalcon v2.2.5