Get FalconCloudIoaUser

Get-FalconCloudIoaUser

SYNOPSIS

Retrieve Falcon Cloud Security Indicator of Attack users

DESCRIPTION

Requires 'CSPM registration: Read'.

PARAMETERS

Name	Type	Description	Allowed	PipelineByName
PolicyId	Int32	Policy identifier		X
CloudPlatform	String	Cloud platform	`aws` `azure` `gcp`
AwsAccountId	String	AWS account identifier		X
AzureSubscriptionId	String	Azure subscription identifier		X
AzureTenantId	String	Azure tenant identifier		X
State	String	Event state

SYNTAX

Get-FalconCloudIoaUser [-PolicyId] <Int32> [[-CloudPlatform] <String>] [[-AwsAccountId] <String>] [[-AzureSubscriptionId] <String>] [[-AzureTenantId] <String>] [[-State] <String>] [-WhatIf] [-Confirm] [<CommonParameters>]

REFERENCE

Endpoints

GET /ioa/entities/users/v1

USAGE

2024-09-03: PSFalcon v2.2.7

Using PSFalcon
Commands and Permissions
Examples
- Code Examples
- Samples
CrowdStrike SDKs
- PSFalcon - PowerShell
- FalconPy - Python 3
- goFalcon - Go
- Rusty Falcon - Rust

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Get FalconCloudIoaUser

Get-FalconCloudIoaUser

SYNOPSIS

DESCRIPTION

PARAMETERS

SYNTAX

REFERENCE

Endpoints

USAGE

Clone this wiki locally