New FalconCompleteCase - CrowdStrike/psfalcon GitHub Wiki
Create a Falcon Complete case
Requires 'Message Center: Write'.
| Name | Type | Description | Min | Max | Allowed | Pipeline | PipelineByName |
|---|---|---|---|---|---|---|---|
| Type | String | Case type |
fc:detection-supportfc:contactfc:falcon-product-supportfc:incident-support
|
||||
| Title | String | Case title | |||||
| Content | String | Case content | |||||
| DetectionId | String[] | Detection identifier | X | ||||
| IncidentId | String[] | Incident identifier | X | ||||
| MalwareSubmissionId | String | Malware submission identifier | X | ||||
| ReconRuleType | String | Recon rule type | X | ||||
| UserId | String | User identifier | X |
New-FalconCompleteCase [-Type] <String> [-Title] <String> [-Content] <String> [[-DetectionId] <String[]>] [[-IncidentId] <String[]>] [[-MalwareSubmissionId] <String>] [[-ReconRuleType] <String>] [-UserId] <String> [-WhatIf] [-Confirm] [<CommonParameters>]POST /message-center/entities/case/v2
New-FalconCompleteCase -UserId <user_uuid> -Type 'fc:detection-support' -Title 'support case with detection' -Content 'case with detection' -DetectionId <id>, <id>See Find detections.
New-FalconCompleteCase -UserId <user_uuid> -Type 'fc:incident-support' -Title 'support case with incident' -Content 'case with incident' -IncidentId <id>, <id>See Find incidents.
New-FalconCompleteCase -UserId <user_uuid> -Type 'fc:contact' -Title 'falcon complete support case' -Content 'falcon complete support case'See Find a user ID by username.
New-FalconCompleteCase -UserId <user_uuid> -Type 'fc:falcon-product-support' -Title 'contact support' -Content 'contact support'See Find a user ID by username.
2024-12-19: PSFalcon v2.2.8
