Get FalconScan - CrowdStrike/psfalcon GitHub Wiki
Search for on-demand or scheduled scan results
Requires 'On-demand scans (ODS): Read'.
Name | Type | Description | Min | Max | Allowed | Pipeline | PipelineByName |
---|---|---|---|---|---|---|---|
Id | String[] | Scan result identifier | X | X | |||
Filter | String | Falcon Query Language expression to limit results | |||||
Sort | String | Property and direction to sort results |
id|asc id|desc initiated_from|asc initiated_from|desc description.keyword|asc description.keyword|desc filecount.scanned|asc filecount.scanned|desc filecount.malicious|asc filecount.malicious|desc filecount.quarantined|asc filecount.quarantined|desc filecount.skipped|asc filecount.skipped|desc affected_hosts_count|asc affected_hosts_count|desc status|asc status|desc severity|asc severity|desc scan_started_on|asc scan_started_on|desc scan_completed_on|asc scan_completed_on|desc created_on|asc created_on|desc created_by|asc created_by|desc last_updated|asc last_updated|desc
|
||||
Limit | Int32 | Maximum number of results per request | |||||
Offset | Int32 | Position to begin retrieving results | |||||
Detailed | Switch | Retrieve detailed information | |||||
All | Switch | Repeat requests until all available results are retrieved | |||||
Total | Switch | Display total result count instead of results |
Get-FalconScan [[-Filter] <String>] [[-Sort] <String>] [[-Limit] <Int32>] [-Offset <Int32>] [-Detailed] [-All] [-Total] [-WhatIf] [-Confirm] [<CommonParameters>]
Get-FalconScan -Id <String[]> [-WhatIf] [-Confirm] [<CommonParameters>]
GET /ods/entities/scans/v2
GET /ods/queries/scans/v1
query_scans
get_scans_by_scan_ids_v2
2023-11-27: PSFalcon v2.2.6