New FalconQuickScan - CrowdStrike/psfalcon GitHub Wiki
Submit a volume of files to Falcon QuickScan
'Id' values (Sha256 hashes) are retrieved from files that are uploaded using 'Send-FalconSample'. Files must be uploaded before they can be used with Falcon QuickScan.
Time required for analysis increases with the number of samples in a volume but usually takes less than 1 minute.
Requires 'Quick Scan (Falcon Intelligence): Write'.
| Name | Type | Description | Min | Max | Allowed | Pipeline | PipelineByName |
|---|---|---|---|---|---|---|---|
| Id | String[] | Sha256 hash value | X | X |
New-FalconQuickScan [-Id] <String[]> [-WhatIf] [-Confirm] [<CommonParameters>]POST /scanner/entities/scans/v1
The files submitted to Falcon Intelligence QuickScan must be previously uploaded through Send-FalconSample.
New-FalconQuickScan -Id <sha256>, <sha256>See Send-FalconSample.
2023-04-25: PSFalcon v2.2.5
