Receive-FalconArtifact

SYNOPSIS

Download an artifact from a Falcon Intelligence Sandbox report

DESCRIPTION

Artifact identifier values can be retrieved for specific Falcon Intelligence Sandbox reports using 'Get-FalconReport'.

Requires 'Sandbox (Falcon Intelligence): Read'.

PARAMETERS

Name	Type	Description	Pipeline	PipelineByName
Path	String	Destination path
Id	String	Artifact identifier	X	X
Force	Switch	Overwrite an existing file when present

SYNTAX

Receive-FalconArtifact [-Path] <String> [-Id] <String> [-Force] [-WhatIf] [-Confirm] [<CommonParameters>]

REFERENCE

Endpoints

GET /falconx/entities/artifacts/v1

falconpy

GetArtifacts

USAGE

Download a strict IOC pack

$Report = Get-FalconReport -Id <id>
Receive-FalconArtifact -Id $Report.ioc_report_strict_csv_artifact_id -Path .\ioc_report_strict_csv_artifact_id.csv

See Get-FalconReport.

2023-04-25: PSFalcon v2.2.5

Receive FalconArtifact - CrowdStrike/psfalcon GitHub Wiki

Receive-FalconArtifact

SYNOPSIS

DESCRIPTION

PARAMETERS

SYNTAX

REFERENCE

Endpoints

falconpy

USAGE

Download a strict IOC pack

⚠️ GitHub.com Fallback ⚠️

Receive FalconArtifact - CrowdStrike/psfalcon GitHub Wiki

Receive-FalconArtifact

SYNOPSIS

DESCRIPTION

PARAMETERS

SYNTAX

REFERENCE

Endpoints

falconpy

USAGE

Download a strict IOC pack

⚠️ **GitHub.com Fallback** ⚠️

⚠️ GitHub.com Fallback ⚠️