Test FalconQuarantineAction - CrowdStrike/psfalcon GitHub Wiki

Test-FalconQuarantineAction

SYNOPSIS

Check the number of quarantined files potentially affected by a filter-based action

DESCRIPTION

Requires 'Quarantined Files: Write'.

PARAMETERS

Name Type Description Min Max Allowed Pipeline PipelineByName
Filter String Falcon Query Language statement

SYNTAX

Test-FalconQuarantineAction [-Filter] <String> [-WhatIf] [-Confirm] [<CommonParameters>]

REFERENCE

Endpoints

GET /quarantine/aggregates/action-update-count/v1

falconpy

ActionUpdateCount

USAGE

Check how quarantined files would be affected by an action

Test-FalconQuarantineAction -Filter "device.hostname:'EXAMPLE-PC'"

See Invoke-FalconQuarantineAction.

2023-04-25: PSFalcon v2.2.5

⚠️ **GitHub.com Fallback** ⚠️