client_id and client_secret are keyword arguments that contain your CrowdStrike API credentials. Please note that all examples below do not hard code these values. (These values are ingested as strings.)
CrowdStrike does not recommend hard coding API credentials or customer identifiers within source code.
Format used to compress your downloaded file. Currently, you must provide the value gzip, the only valid format, as the Accept-Encoding header when using the Uber class. This keyword is not necessary when using the Service Class.
id
query
string
ID of an artifact, such as an IOC pack, PCAP file, or actor image. Find an artifact ID in a report or summary.
name
query
string
The name given to your downloaded file.
parameters
query
dictionary
Full query string parameters payload in JSON format.
Format used to compress your downloaded file. Currently, you must provide the value gzip, the only valid format, as the Accept-Encoding header when using the Uber class. This keyword is not necessary when using the Service Class.
id
query
string
Extracted strings ID.
name
query
string
The name given to your downloaded file.
parameters
query
dictionary
Full query string parameters payload in JSON format.
Format used to compress your downloaded file. Currently, you must provide the value gzip, the only valid format, as the Accept-Encoding header when using the Uber class. This keyword is not necessary when using the Service Class.
id
query
string
Hex dump ID.
name
query
string
The name given to your downloaded file.
parameters
query
dictionary
Full query string parameters payload in JSON format.
Format used to compress your downloaded file. Currently, you must provide the value gzip, the only valid format, as the Accept-Encoding header when using the Uber class. This keyword is not necessary when using the Service Class.
id
query
string
Memory dump ID.
name
query
string
The name given to your downloaded file.
parameters
query
dictionary
Full query string parameters payload in JSON format.
from falconpy import FalconXSandbox
# Do not hardcode API credentials!
falcon = FalconXSandbox(client_id=CLIENT_ID,
client_secret=CLIENT_SECRET
)
id_list = 'ID1,ID2,ID3'# Can also pass a list here: ['ID1', 'ID2', 'ID3']
response = falcon.get_summary_reports(ids=id_list)
print(response)
from falconpy import FalconXSandbox
# Do not hardcode API credentials!
falcon = FalconXSandbox(client_id=CLIENT_ID,
client_secret=CLIENT_SECRET
)
id_list = 'ID1,ID2,ID3'# Can also pass a list here: ['ID1', 'ID2', 'ID3']
response = falcon.GetSummaryReports(ids=id_list)
print(response)
from falconpy import APIHarnessV2
# Do not hardcode API credentials!
falcon = APIHarnessV2(client_id=CLIENT_ID,
client_secret=CLIENT_SECRET
)
id_list = 'ID1,ID2,ID3'# Can also pass a list here: ['ID1', 'ID2', 'ID3']
response = falcon.command("GetSummaryReports", ids=id_list)
print(response)
from falconpy import FalconXSandbox
# Do not hardcode API credentials!
falcon = FalconXSandbox(client_id=CLIENT_ID,
client_secret=CLIENT_SECRET
)
id_list = 'ID1,ID2,ID3'# Can also pass a list here: ['ID1', 'ID2', 'ID3']
response = falcon.get_reports(ids=id_list)
print(response)
from falconpy import FalconXSandbox
# Do not hardcode API credentials!
falcon = FalconXSandbox(client_id=CLIENT_ID,
client_secret=CLIENT_SECRET
)
id_list = 'ID1,ID2,ID3'# Can also pass a list here: ['ID1', 'ID2', 'ID3']
response = falcon.GetReports(ids=id_list)
print(response)
from falconpy import APIHarnessV2
# Do not hardcode API credentials!
falcon = APIHarnessV2(client_id=CLIENT_ID,
client_secret=CLIENT_SECRET
)
id_list = 'ID1,ID2,ID3'# Can also pass a list here: ['ID1', 'ID2', 'ID3']
response = falcon.command("GetReports", ids=id_list)
print(response)
from falconpy import FalconXSandbox
# Do not hardcode API credentials!
falcon = FalconXSandbox(client_id=CLIENT_ID,
client_secret=CLIENT_SECRET
)
id_list = 'ID1,ID2,ID3'# Can also pass a list here: ['ID1', 'ID2', 'ID3']
response = falcon.delete_report(ids=id_list)
print(response)
from falconpy import FalconXSandbox
# Do not hardcode API credentials!
falcon = FalconXSandbox(client_id=CLIENT_ID,
client_secret=CLIENT_SECRET
)
id_list = 'ID1,ID2,ID3'# Can also pass a list here: ['ID1', 'ID2', 'ID3']
response = falcon.DeleteReport(ids=id_list)
print(response)
from falconpy import APIHarnessV2
# Do not hardcode API credentials!
falcon = APIHarnessV2(client_id=CLIENT_ID,
client_secret=CLIENT_SECRET
)
id_list = 'ID1,ID2,ID3'# Can also pass a list here: ['ID1', 'ID2', 'ID3']
response = falcon.command("DeleteReport", ids=id_list)
print(response)
from falconpy import FalconXSandbox
# Do not hardcode API credentials!
falcon = FalconXSandbox(client_id=CLIENT_ID,
client_secret=CLIENT_SECRET
)
id_list = 'ID1,ID2,ID3'# Can also pass a list here: ['ID1', 'ID2', 'ID3']
response = falcon.get_submissions(ids=id_list)
print(response)
from falconpy import FalconXSandbox
# Do not hardcode API credentials!
falcon = FalconXSandbox(client_id=CLIENT_ID,
client_secret=CLIENT_SECRET
)
id_list = 'ID1,ID2,ID3'# Can also pass a list here: ['ID1', 'ID2', 'ID3']
response = falcon.GetSubmissions(ids=id_list)
print(response)
from falconpy import APIHarnessV2
# Do not hardcode API credentials!
falcon = APIHarnessV2(client_id=CLIENT_ID,
client_secret=CLIENT_SECRET
)
id_list = 'ID1,ID2,ID3'# Can also pass a list here: ['ID1', 'ID2', 'ID3']
response = falcon.command("GetSubmissions", ids=id_list)
print(response)
from falconpy import FalconXSandbox
# Do not hardcode API credentials!
falcon = FalconXSandbox(client_id=CLIENT_ID,
client_secret=CLIENT_SECRET
)
id_list = 'ID1,ID2,ID3'# Can also pass a list here: ['ID1', 'ID2', 'ID3']
response = falcon.delete_sample(ids=id_list)
print(response)
from falconpy import FalconXSandbox
# Do not hardcode API credentials!
falcon = FalconXSandbox(client_id=CLIENT_ID,
client_secret=CLIENT_SECRET
)
id_list = 'ID1,ID2,ID3'# Can also pass a list here: ['ID1', 'ID2', 'ID3']
response = falcon.DeleteSampleV2(ids=id_list)
print(response)
from falconpy import APIHarnessV2
# Do not hardcode API credentials!
falcon = APIHarnessV2(client_id=CLIENT_ID,
client_secret=CLIENT_SECRET
)
id_list = 'ID1,ID2,ID3'# Can also pass a list here: ['ID1', 'ID2', 'ID3']
response = falcon.command("DeleteSampleV2", ids=id_list)
print(response)
from falconpy import FalconXSandbox
# Do not hardcode API credentials!
falcon = FalconXSandbox(client_id=CLIENT_ID,
client_secret=CLIENT_SECRET
)
id_list = 'SHA1,SHA2,SHA3'# Can also pass a list here: ['SHA1', 'SHA2', 'SHA3']
response = falcon.query_sample(sha256s=id_list)
print(response)
from falconpy import FalconXSandbox
# Do not hardcode API credentials!
falcon = FalconXSandbox(client_id=CLIENT_ID,
client_secret=CLIENT_SECRET
)
id_list = 'SHA1,SHA2,SHA3'# Can also pass a list here: ['SHA1', 'SHA2', 'SHA3']
response = falcon.QuerySampleV1(sha256s=id_list)
print(response)