Invoke FalconAlertAction - CrowdStrike/psfalcon GitHub Wiki
Perform actions on alerts
Requires 'Alerts: Write'.
| Name | Type | Description | Min | Max | Allowed | Pipeline | PipelineByName |
|---|---|---|---|---|---|---|---|
| Name | String | Action to perform |
add_tagappend_commentassign_to_nameassign_to_user_idassign_to_uuidremove_tagremove_tags_by_prefixshow_in_uiunassignupdate_status
|
||||
| Value | String | Value for the chosen action | |||||
| Action | Hashtable[] | One or more hashtables defining multiple name/value pairs | |||||
| IncludeHidden | Boolean | Include hidden alerts when performing action [default: $true] | |||||
| Id | String[] | Alert identifier | X | X |
Invoke-FalconAlertAction [-Name] <String> [[-Value] <String>] [[-IncludeHidden] <Boolean>] [-Id] <String[]> [-WhatIf] [-Confirm] [<CommonParameters>]Invoke-FalconAlertAction [-Action] <Hashtable[]> [[-IncludeHidden] <Boolean>] [-Id] <String[]> [-WhatIf] [-Confirm] [<CommonParameters>]PATCH /alerts/entities/alerts/v3
2024-09-03: PSFalcon v2.2.7
