Invoke FalconRtr

Invoke-FalconRtr

SYNOPSIS

Start a Real-time Response session, execute a command and output the result

DESCRIPTION

Requires 'Real Time Response: Read', 'Real Time Response: Write' or 'Real Time Response (Admin): Write' depending on 'Command' provided, plus related permission(s) for 'Include' selection(s).

PARAMETERS

Name	Type	Min	Max	Allowed	Pipeline	PipelineByName	Description
Command	String						Real-time Response command
Argument	String						Arguments to include with the command
Timeout	Int32	`30`	`600`				Length of time to wait for a result, in seconds
QueueOffline	Boolean						Add non-responsive Hosts to the offline queue
Include	String[]			`agent_version` `cid` `external_ip` `first_seen` `hostname` `last_seen` `local_ip` `mac_address` `os_build` `os_version` `platform_name` `product_type` `product_type_desc` `serial_number` `system_manufacturer` `system_product_name` `tags`			Include additional properties
GroupId	String						Host group identifier
HostId	String[]				X	X	Host identifier

SYNTAX

Invoke-FalconRtr [-Command] <String> [[-Argument] <String>] [[-Timeout] <Int32>] [[-QueueOffline] <Boolean>] [[-Include] <String[]>] -HostId <String[]> [-WhatIf] [-Confirm] [<CommonParameters>]

Invoke-FalconRtr [-Command] <String> [[-Argument] <String>] [[-Timeout] <Int32>] [[-QueueOffline] <Boolean>] [[-Include] <String[]>] -GroupId <String> [-WhatIf] [-Confirm] [<CommonParameters>]

USAGE

2022-10-31: PSFalcon v2.2.3

Using PSFalcon
Commands and Permissions
Examples
- Code Examples
- Samples
CrowdStrike SDKs
- PSFalcon - PowerShell
- FalconPy - Python 3
- goFalcon - Go
- Rusty Falcon - Rust

Provide feedback

Saved searches

Use saved searches to filter your results more quickly