New FalconNgsCaseSla - CrowdStrike/psfalcon GitHub Wiki
Create a Falcon NGSIEM case SLA
Requires 'Case Templates: Write'.
| Name | Type | Description | Min | Max | Allowed | Pipeline | PipelineByName |
|---|---|---|---|---|---|---|---|
| Name | String | SLA name | X | ||||
| Description | String | SLA description | X | ||||
| Goal | Object[] | Objects containing 'goals' properties ('duration_seconds', 'escalation_policy', 'type') | X |
New-FalconNgsCaseSla [-Name] <String> [[-Description] <String>] [[-Goal] <Object[]>] [-WhatIf] [-Confirm] [<CommonParameters>]POST /casemgmt/entities/slas/v1
New-FalconNgsCaseSla -Name 'high severity' -Description 'SLA for high severity cases' -Goal @{ duration_seconds = 90; escalation_policy = @{ steps = @(@{ escalate_after_seconds = 0; notification_group_id = 'id' })}; type = 'ack' }, @{ duration_seconds = 300; type = 'resolve' }2025-08-25: PSFalcon v2.2.9
