New-FalconNgsCase

SYNOPSIS

Create a Falcon NGSIEM case

DESCRIPTION

Requires 'Cases: Write'.

PARAMETERS

Name	Type	Description	Allowed	PipelineByName
Name	String	Case name		X
Severity	String	Case severity		X
Description	String	Case description		X
Status	String	Case status	`new` `in_progress` `reopened` `closed`	X
Evidence	Object	Object containing evidence properties ('alerts', 'events', 'leads')		X
Tag	String[]	Case tags		X
AssignedUuid	String	User identifier for case assignment		X
Template	Object	Object containing case template properties ('id')		X

SYNTAX

New-FalconNgsCase [-Name] <String> [-Severity] <String> [[-Description] <String>] [[-Status] <String>] [[-Evidence] <Object>] [[-Tag] <String[]>] [[-AssignedUuid] <String>] [[-Template] <Object>] [-WhatIf] [-Confirm] [<CommonParameters>]

REFERENCE

Endpoints

PUT /cases/entities/cases/v2

falconpy

entities_cases_put_v2

USAGE

2025-08-25: PSFalcon v2.2.9

New FalconNgsCase - CrowdStrike/psfalcon GitHub Wiki

New-FalconNgsCase

SYNOPSIS

DESCRIPTION

PARAMETERS

SYNTAX

REFERENCE

Endpoints

falconpy

USAGE

⚠️ GitHub.com Fallback ⚠️

New FalconNgsCase - CrowdStrike/psfalcon GitHub Wiki

New-FalconNgsCase

SYNOPSIS

DESCRIPTION

PARAMETERS

SYNTAX

REFERENCE

Endpoints

falconpy

USAGE

⚠️ **GitHub.com Fallback** ⚠️

⚠️ GitHub.com Fallback ⚠️