Invoke FalconHostAction - CrowdStrike/psfalcon GitHub Wiki
Perform actions on hosts
Requires 'Hosts: Write', plus related permission(s) for 'Include' selection(s).
| Name | Type | Description | Min | Max | Allowed | Pipeline | PipelineByName |
|---|---|---|---|---|---|---|---|
| Name | String | Action to perform |
containlift_containmenthide_hostunhide_hostdetection_suppressdetection_unsuppress
|
||||
| Include | String[] | Include additional properties |
agent_versioncidexternal_ipfirst_seenhost_hidden_statushostnamelast_seenlocal_ipmac_addressos_buildos_versionplatform_nameproduct_typeproduct_type_descreduced_functionality_modeserial_numbersystem_manufacturersystem_product_nametags
|
||||
| Id | String[] | Host identifier | X | X |
Invoke-FalconHostAction [-Name] <String> [[-Include] <String[]>] [-Id] <String[]> [-WhatIf] [-Confirm] [<CommonParameters>]POST /devices/entities/devices-actions/v2
Invoke-FalconHostAction -Name contain -Id <id>, <id>Invoke-FalconHostAction -Name lift_containment -Id <id>, <id>See Network contain a device by Hostname.
See Network contain a list of Hostnames from a CSV file.
Invoke-FalconHostAction -Name hide_host -Id <id>, <id>Invoke-FalconHostAction -Name unhide_host -Id <id>, <id>2023-04-25: PSFalcon v2.2.5
