Invoke-FalconAlertAction - CrowdStrike/psfalcon GitHub Wiki

Invoke-FalconAlertAction

SYNOPSIS

Perform actions on alerts

DESCRIPTION

Requires 'Alerts: Write'.

PARAMETERS

| Name | Type | Description | Min | Max | Allowed | Pipeline | PipelineByName |
|---|---|---|---|---|---|---|---|
| Name | String | Action to perform | | | add_tag, append_comment, assign_to_name, assign_to_user_id, assign_to_uuid, remove_tag, remove_tags_by_prefix, show_in_ui, unassign, update_status | | |
| Value | String | Value for the chosen action | | | | | |
| Id | String[] | Alert identifier | | | | X | X |

SYNTAX

Invoke-FalconAlertAction [-Name] <String> [[-Value] <String>] [-Id] <String[]> [-WhatIf] [-Confirm] [<CommonParameters>]

REFERENCE

Endpoints

PATCH /alerts/entities/alerts/v3

falconpy

PatchEntitiesAlertsV3

USAGE
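
An added example, not taken from the PSFalcon wiki or project: a wrapper that tags and comments on a set of alerts, with a `-WhatIf` preview before anything is written. `Add-TriageMarker`, the tag, the comment text and the alert ids are hypothetical placeholders, and an authenticated PSFalcon session with 'Alerts: Write' is assumed.

```powershell
# Added example: Add-TriageMarker is a hypothetical helper, not a PSFalcon command.
function Add-TriageMarker {
    [CmdletBinding(SupportsShouldProcess)]
    param(
        [Parameter(Mandatory, ValueFromPipeline)]
        [ValidateNotNullOrEmpty()]
        [string[]]$Id,

        [Parameter(Mandatory)]
        [string]$Tag,

        [Parameter(Mandatory)]
        [string]$Comment
    )
    begin { $Collected = [System.Collections.Generic.List[string]]::new() }
    process { foreach ($i in $Id) { $Collected.Add($i) } }
    end {
        # De-duplicate so each alert is modified once per action.
        $Unique = @($Collected | Sort-Object -Unique)

        # Two of the allowed -Name values from the parameter table above.
        $Steps = @(
            @{ Name = 'add_tag';        Value = $Tag },
            @{ Name = 'append_comment'; Value = $Comment }
        )
        foreach ($Step in $Steps) {
            # Preference variables do not cross module scope on their own,
            # so pass the caller's -WhatIf choice through explicitly.
            Invoke-FalconAlertAction @Step -Id $Unique -WhatIf:$WhatIfPreference
        }
    }
}

# Constructed placeholder ids; substitute real alert identifiers.
$AlertIds = '<alert_id_1>', '<alert_id_2>'

# Preview the two actions without changing any alert.
$AlertIds | Add-TriageMarker -Tag 'example_triage' -Comment 'Reviewed during example triage' -WhatIf

# Apply the same actions.
$AlertIds | Add-TriageMarker -Tag 'example_triage' -Comment 'Reviewed during example triage'
```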

2023-11-27: PSFalcon v2.2.6
