Remove FalconIoaGroup - CrowdStrike/psfalcon GitHub Wiki

Remove-FalconIoaGroup

SYNOPSIS

Remove custom Indicator of Attack rule groups

DESCRIPTION

Requires 'Custom IOA rules: Write'.

PARAMETERS

Name Type Description Min Max Allowed Pipeline PipelineByName
Comment String Audit log comment
Id String[] Rule group identifier X X

SYNTAX

Remove-FalconIoaGroup [[-Comment] <String>] [-Id] <String[]> [-WhatIf] [-Confirm] [<CommonParameters>]

REFERENCE

Endpoints

DELETE /ioarules/entities/rule-groups/v1

falconpy

delete_rule_groupsMixin0

USAGE

Delete custom IOA rule groups

Remove-FalconIoaGroup -Id <id>, <id>

2023-04-25: PSFalcon v2.2.5

⚠️ **GitHub.com Fallback** ⚠️