Get FalconThreatGraphVertex

Get-FalconThreatGraphVertex

SYNOPSIS

Retrieve detail about vertexes in the Falcon ThreatGraph

DESCRIPTION

Requires 'Threatgraph: Read'.

PARAMETERS

Name	Type	Description	Allowed	Pipeline	PipelineByName
Id	String[]	Vertex identifier		X	X
VertexType	String	Vertex type [default: 'any-vertex']	`accessories` `accessory` `actor` `ad-computers` `ad-groups` `ad_computer` `ad_group` `adfs-applications` `adfs_application` `aggregate-indicators` `aggregate_indicator` `any-vertex` `azure-ad-users` `azure-applications` `azure_ad_user` `azure_application` `certificate` `certificates` `command-lines` `command_line` `containerized-apps` `containerized_app` `control-graphs` `control_graph` `customer` `customers` `detection` `detection-indices` `detection_index` `detections` `devices` `direct` `directs` `domain` `domains` `extracted-files` `extracted_file` `firewall` `firewall_rule_match` `firewall_rule_matches` `firewalls` `firmware` `firmwares` `host-names` `host_name` `hunting-leads` `hunting_lead` `idp-indicators` `idp-sessions` `idp_indicator` `idp_session` `incident` `incidents` `indicator` `indicators` `ipv4` `ipv6` `k8s_cluster` `k8s_clusters` `kerberos-tickets` `kerberos_ticket` `legacy-detections` `legacy_detection` `macro_script` `macro_scripts` `mobile-apps` `mobile-fs-volumes` `mobile-indicators` `mobile_app` `mobile_fs_volume` `mobile_indicator` `mobile_os_forensics_report` `mobile_os_forensics_reports` `module` `modules` `okta-applications` `okta-users` `okta_application` `okta_user` `ping-fed-applications` `ping_fed_application` `process` `processes` `quarantined-files` `quarantined_file` `script` `scripts` `sensor` `sensor-self-diagnostics` `sensor_self_diagnostic` `tag` `tags` `user-sessions` `user_id` `user_session` `users` `wifi-access-points` `wifi_access_point` `xdr`		X
Scope	String	Scope of the request	`cspm` `customer` `cwpp` `device` `global`		X
Nano	Boolean	Return nano-precision entity timestamps
IncludeEdge	Switch	Include a brief list of connected edges

SYNTAX

Get-FalconThreatGraphVertex [-Id] <String[]> [[-VertexType] <String>] [[-Scope] <String>] [[-Nano] <Boolean>] [-WhatIf] [-Confirm] [<CommonParameters>]

Get-FalconThreatGraphVertex [-Id] <String[]> [[-VertexType] <String>] [[-Scope] <String>] [[-Nano] <Boolean>] -IncludeEdge [-WhatIf] [-Confirm] [<CommonParameters>]

REFERENCE

Endpoints

GET /threatgraph/combined/{vertex-type}/summary/v1
GET /threatgraph/entities/{vertex-type}/v2

falconpy

entities_vertices_getv2
combined_summary_get

USAGE

2024-09-03: PSFalcon v2.2.7

Using PSFalcon
Commands and Permissions
Examples
- Code Examples
- Samples
CrowdStrike SDKs
- PSFalcon - PowerShell
- FalconPy - Python 3
- goFalcon - Go
- Rusty Falcon - Rust

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Get FalconThreatGraphVertex

Get-FalconThreatGraphVertex

SYNOPSIS

DESCRIPTION

PARAMETERS

SYNTAX

REFERENCE

Endpoints

falconpy

USAGE

Clone this wiki locally