Get FalconScan - CrowdStrike/psfalcon GitHub Wiki

Get-FalconScan

SYNOPSIS

Search for on-demand or scheduled scan results

DESCRIPTION

Requires 'On-demand scans (ODS): Read'.

PARAMETERS

Name Type Description Min Max Allowed Pipeline PipelineByName
Id String[] Scan result identifier X X
Filter String Falcon Query Language expression to limit results
Sort String Property and direction to sort results id|asc
id|desc
initiated_from|asc
initiated_from|desc
description.keyword|asc
description.keyword|desc
filecount.scanned|asc
filecount.scanned|desc
filecount.malicious|asc
filecount.malicious|desc
filecount.quarantined|asc
filecount.quarantined|desc
filecount.skipped|asc
filecount.skipped|desc
affected_hosts_count|asc
affected_hosts_count|desc
status|asc
status|desc
severity|asc
severity|desc
scan_started_on|asc
scan_started_on|desc
scan_completed_on|asc
scan_completed_on|desc
created_on|asc
created_on|desc
created_by|asc
created_by|desc
last_updated|asc
last_updated|desc
Limit Int32 Maximum number of results per request
Offset Int32 Position to begin retrieving results
Detailed Switch Retrieve detailed information
All Switch Repeat requests until all available results are retrieved
Total Switch Display total result count instead of results

SYNTAX

Get-FalconScan [[-Filter] <String>] [[-Sort] <String>] [[-Limit] <Int32>] [-Offset <Int32>] [-Detailed] [-All] [-Total] [-WhatIf] [-Confirm] [<CommonParameters>]
Get-FalconScan -Id <String[]> [-WhatIf] [-Confirm] [<CommonParameters>]

REFERENCE

Endpoints

GET /ods/entities/scans/v2
GET /ods/queries/scans/v1

falconpy

query_scans
get_scans_by_scan_ids_v2

USAGE

2023-11-27: PSFalcon v2.2.6

⚠️ **GitHub.com Fallback** ⚠️