Send FalconNgsSavedQuery - CrowdStrike/psfalcon GitHub Wiki
Create a Falcon NGSIEM saved query from a YAML template
Requires 'NGSIEM Saved Queries: Write'.
| Name | Type | Description | Min | Max | Allowed | Pipeline | PipelineByName |
|---|---|---|---|---|---|---|---|
| Domain | String | Repository or view |
allfalconthird-party
|
X | |||
| Path | String | Path to YAML template | X |
Send-FalconNgsSavedQuery [-Domain] <String> [-Path] <String> [-WhatIf] [-Confirm] [<CommonParameters>]POST /ngsiem-content/entities/savedqueries-template/v1
2025-08-05: PSFalcon v2.2.9
