Get FalconScanFile - CrowdStrike/psfalcon GitHub Wiki

Get-FalconScanFile

SYNOPSIS

Search for files found by on-demand or scheduled scans

DESCRIPTION

Requires 'On-demand scans (ODS): Read'.

PARAMETERS

| Name | Type | Description | Min | Max | Allowed | Pipeline | PipelineByName |
| --- | --- | --- | --- | --- | --- | --- | --- |
| Id | String[] | Malicious file identifier | | | | X | X |
| ScanId | String | On-demand scan identifier | | | | | |
| Filter | String | Falcon Query Language expression to limit results | | | | | |
| Sort | String | Property and direction to sort results | | | `id\|asc`<br>`id\|desc`<br>`scan_id\|asc`<br>`scan_id\|desc`<br>`host_id\|asc`<br>`host_id\|desc`<br>`host_scan_id\|asc`<br>`host_scan_id\|desc`<br>`filename\|asc`<br>`filename\|desc`<br>`hash\|asc`<br>`hash\|desc`<br>`pattern_id\|asc`<br>`pattern_id\|desc`<br>`severity\|asc`<br>`severity\|desc`<br>`last_updated\|asc`<br>`last_updated\|desc` | | |
| Limit | Int32 | Maximum number of results per request | 1 | 500 | | | |
| Offset | Int32 | Position to begin retrieving results | | | | | |
| Detailed | Switch | Retrieve detailed information | | | | | |
| All | Switch | Repeat requests until all available results are retrieved | | | | | |
| Total | Switch | Display total result count instead of results | | | | | |

SYNTAX

Get-FalconScanFile [[-Filter] <String>] [[-Sort] <String>] [[-Limit] <Int32>] [-Offset <Int32>] [-Detailed] [-All] [-Total] [-WhatIf] [-Confirm] [<CommonParameters>]
Get-FalconScanFile -Id <String[]> [-WhatIf] [-Confirm] [<CommonParameters>]
Get-FalconScanFile -ScanId <String> [-Sort <String>] [-Limit <Int32>] [-Detailed] [-All] [-Total] [-WhatIf] [-Confirm] [<CommonParameters>]

REFERENCE

Endpoints

GET /ods/entities/malicious-files/v1
GET /ods/queries/malicious-files/v1

falconpy

query_malicious_files
get_malicious_files_by_ids

USAGE

2024-09-03: PSFalcon v2.2.7
