Get FalconScan - CrowdStrike/psfalcon GitHub Wiki

Get-FalconScan

SYNOPSIS

Search for on-demand or scheduled scan results

DESCRIPTION

Requires 'On-demand scans (ODS): Read'.

PARAMETERS

Name Type Description Min Max Allowed Pipeline PipelineByName
Id String[] Scan result identifier X X
Filter String Falcon Query Language expression to limit results

id
profile_id
description.keyword
initiated_from
filecount.scanned
filecount.malicious
filecount.quarantined
filecount.skipped
affected_hosts_count
status
severity
scan_started_on
scan_completed_on
created_on
created_by
last_updated
targeted_host_count
missing_host_count
Sort String Property and direction to sort results id|asc
id|desc
initiated_from|asc
initiated_from|desc
description.keyword|asc
description.keyword|desc
filecount.scanned|asc
filecount.scanned|desc
filecount.malicious|asc
filecount.malicious|desc
filecount.quarantined|asc
filecount.quarantined|desc
filecount.skipped|asc
filecount.skipped|desc
affected_hosts_count|asc
affected_hosts_count|desc
status|asc
status|desc
severity|asc
severity|desc
scan_started_on|asc
scan_started_on|desc
scan_completed_on|asc
scan_completed_on|desc
created_on|asc
created_on|desc
created_by|asc
created_by|desc
last_updated|asc
last_updated|desc
Limit Int32 Maximum number of results per request 1 500
Include String[] Include additional properties scan_file
Offset Int32 Position to begin retrieving results
Detailed Switch Retrieve detailed information
All Switch Repeat requests until all available results are retrieved
Total Switch Display total result count instead of results

SYNTAX

Get-FalconScan [[-Filter] <String>] [[-Sort] <String>] [[-Limit] <Int32>] [[-Include] <String[]>] [-Offset <Int32>] [-Detailed] [-All] [-Total] [-WhatIf] [-Confirm] [<CommonParameters>]
Get-FalconScan -Id <String[]> [-WhatIf] [-Confirm] [<CommonParameters>]

REFERENCE

Endpoints

GET /ods/entities/scans/v2
GET /ods/queries/scans/v1

falconpy

query_scans
get_scans_by_scan_ids_v2

USAGE

2024-09-03: PSFalcon v2.2.7

⚠️ **GitHub.com Fallback** ⚠️