Get FalconThreatGraphVertex - CrowdStrike/psfalcon GitHub Wiki

Get-FalconThreatGraphVertex

SYNOPSIS

Retrieve detail about vertexes in the Falcon ThreatGraph

DESCRIPTION

Requires 'Threatgraph: Read'.

PARAMETERS

Name Type Description Min Max Allowed Pipeline PipelineByName
Id String[] Vertex identifier X X
VertexType String Vertex type [default: 'any-vertex'] accessories
accessory
actor
ad-computers
ad-groups
ad_computer
ad_group
adfs-applications
adfs_application
aggregate-indicators
aggregate_indicator
any-vertex
azure-ad-users
azure-applications
azure_ad_user
azure_application
certificate
certificates
command-lines
command_line
containerized-apps
containerized_app
control-graphs
control_graph
customer
customers
detection
detection-indices
detection_index
detections
devices
direct
directs
domain
domains
extracted-files
extracted_file
firewall
firewall_rule_match
firewall_rule_matches
firewalls
firmware
firmwares
host-names
host_name
hunting-leads
hunting_lead
idp-indicators
idp-sessions
idp_indicator
idp_session
incident
incidents
indicator
indicators
ipv4
ipv6
k8s_cluster
k8s_clusters
kerberos-tickets
kerberos_ticket
legacy-detections
legacy_detection
macro_script
macro_scripts
mobile-apps
mobile-fs-volumes
mobile-indicators
mobile_app
mobile_fs_volume
mobile_indicator
mobile_os_forensics_report
mobile_os_forensics_reports
module
modules
okta-applications
okta-users
okta_application
okta_user
ping-fed-applications
ping_fed_application
process
processes
quarantined-files
quarantined_file
script
scripts
sensor
sensor-self-diagnostics
sensor_self_diagnostic
tag
tags
user-sessions
user_id
user_session
users
wifi-access-points
wifi_access_point
xdr 		X
Scope String Scope of the request cspm
customer
cwpp
device
global 		X
Nano Boolean Return nano-precision entity timestamps
IncludeEdge Switch Include a brief list of connected edges

SYNTAX

Get-FalconThreatGraphVertex [-Id] <String[]> [[-VertexType] <String>] [[-Scope] <String>] [[-Nano] <Boolean>] [-WhatIf] [-Confirm] [<CommonParameters>]
Get-FalconThreatGraphVertex [-Id] <String[]> [[-VertexType] <String>] [[-Scope] <String>] [[-Nano] <Boolean>] -IncludeEdge [-WhatIf] [-Confirm] [<CommonParameters>]

REFERENCE

Endpoints

GET /threatgraph/combined/{vertex-type}/summary/v1
GET /threatgraph/entities/{vertex-type}/v2

falconpy

entities_vertices_getv2
combined_summary_get

USAGE

2024-09-03: PSFalcon v2.2.7

⚠️ **GitHub.com Fallback** ⚠️