Using the IOA Exclusions service collection
Table of Contents
| Operation ID | Description | ||||
|---|---|---|---|---|---|
| Get a set of IOA Exclusions by specifying their IDs. | ||||
| Create the IOA exclusions. | ||||
| Delete the IOA exclusions by ID. | ||||
| Update the IOA exclusions. | ||||
| Search for IOA exclusions. | ||||
| Get Self Service IOA Exclusion aggregates as specified via json in the request body. | ||||
| Create a report of Self Service IOA Exclusions scoped by the given filters. | ||||
| Get the Self Service IOA Exclusions rules by id. | ||||
| Create new Self Service IOA Exclusions. | ||||
| Update the Self Service IOA Exclusions rule by id. | ||||
| Delete the Self Service IOA Exclusions rule by id. | ||||
| Get Self Service IOA Exclusions rules for matched IFN/CLI for child, parent and grandparent. | ||||
| Get defaults for Self Service IOA Exclusions based on provided IFN/CLI for child, parent and grandparent. | ||||
| Search for Self Service IOA Exclusions. | ||||
Passing credentials
WARNING
client_idandclient_secretare keyword arguments that contain your CrowdStrike API credentials. Please note that all examples below do not hard code these values. (These values are ingested as strings.)CrowdStrike does not recommend hard coding API credentials or customer identifiers within source code.
getIOAExclusionsV1
Get a set of IOA Exclusions by specifying their IDs
PEP8 method name
get_exclusions
Endpoint
| Method | Route |
|---|---|
 | /policy/entities/ioa-exclusions/v1 |
Required Scope
Content-Type
- Produces: application/json
Keyword Arguments
| Name | Service | Uber | Type | Data type | Description |
|---|---|---|---|---|---|
| ids |  | | query | string or list of strings | The IDs of the exclusions to retrieve. |
| parameters | | | query | dictionary | Full query string parameters payload in JSON format. |
Usage
Service class example (PEP8 syntax)
from falconpy import IOAExclusions
# Do not hardcode API credentials!
falcon = IOAExclusions(client_id=CLIENT_ID,
client_secret=CLIENT_SECRET
)
id_list = 'ID1,ID2,ID3' # Can also pass a list here: ['ID1', 'ID2', 'ID3']
response = falcon.get_exclusions(ids=id_list)
print(response)
Service class example (Operation ID syntax)
from falconpy import IOAExclusions
# Do not hardcode API credentials!
falcon = IOAExclusions(client_id=CLIENT_ID,
client_secret=CLIENT_SECRET
)
id_list = 'ID1,ID2,ID3' # Can also pass a list here: ['ID1', 'ID2', 'ID3']
response = falcon.getIOAExclusionsV1(ids=id_list)
print(response)
Uber class example
from falconpy import APIHarnessV2
# Do not hardcode API credentials!
falcon = APIHarnessV2(client_id=CLIENT_ID,
client_secret=CLIENT_SECRET
)
id_list = 'ID1,ID2,ID3' # Can also pass a list here: ['ID1', 'ID2', 'ID3']
response = falcon.command("getIOAExclusionsV1", ids=id_list)
print(response)
Back to Table of Contents
createIOAExclusionsV1
Create the IOA exclusions
PEP8 method name
create_exclusions
Endpoint
| Method | Route |
|---|---|
 | /policy/entities/ioa-exclusions/v1 |
Required Scope
Content-Type
- Produces: application/json
Keyword Arguments
| Name | Service | Uber | Type | Data type | Description |
|---|---|---|---|---|---|
| body | |  | body | dictionary | Full body payload in JSON format. |
| cl_regex | |  | body | string | Command line regular expression. |
| comment | | | body | string | String comment describing why the exclusions was created. |
| description | | | body | string | Exclusion description. |
| detection_json | | | body | string | JSON formatted detection template. |
| groups | | | body | list of strings | Group ID(s) impacted by the exclusion. |
| ifn_regex | | | body | string | Indicator file name regular expression. |
| name | | | body | string | Name of the exclusion. |
| pattern_id | | | body | string | ID of the pattern to use for the exclusion. |
| pattern_name | | | body | string | Name of the pattern to use for the exclusion. |
Usage
Service class example (PEP8 syntax)
from falconpy import IOAExclusions
# Do not hardcode API credentials!
falcon = IOAExclusions(client_id=CLIENT_ID,
client_secret=CLIENT_SECRET
)
group_list = ['ID1', 'ID2', 'ID3']
response = falcon.create_exclusions(cl_regex="string",
comment="string",
description="string",
detection_json="string",
groups=group_list,
ifn_regex="string",
name="string",
pattern_id="string",
pattern_name="string"
)
print(response)
Service class example (Operation ID syntax)
from falconpy import IOAExclusions
# Do not hardcode API credentials!
falcon = IOAExclusions(client_id=CLIENT_ID,
client_secret=CLIENT_SECRET
)
group_list = ['ID1', 'ID2', 'ID3']
response = falcon.createIOAExclusionsV1(cl_regex="string",
comment="string",
description="string",
detection_json="string",
groups=group_list,
ifn_regex="string",
name="string",
pattern_id="string",
pattern_name="string"
)
print(response)
Uber class example
from falconpy import APIHarnessV2
# Do not hardcode API credentials!
falcon = APIHarnessV2(client_id=CLIENT_ID,
client_secret=CLIENT_SECRET
)
group_list = ['ID1', 'ID2', 'ID3']
BODY = {
"cl_regex": "string",
"comment": "string",
"description": "string",
"detection_json": "string",
"groups": group_list,
"ifn_regex": "string",
"name": "string",
"pattern_id": "string",
"pattern_name": "string"
}
response = falcon.command("createIOAExclusionsV1", body=BODY)
print(response)
Back to Table of Contents
deleteIOAExclusionsV1
Delete the IOA exclusions by id
PEP8 method name
delete_exclusions
Endpoint
| Method | Route |
|---|---|
 | /policy/entities/ioa-exclusions/v1 |
Required Scope
Content-Type
- Produces: application/json
Keyword Arguments
| Name | Service | Uber | Type | Data type | Description |
|---|---|---|---|---|---|
| comment | | | query | string | Explains why this exclusion was deleted. |
| ids | | | query | string or list of strings | The IDs of the exclusions to retrieve. |
| parameters | | | query | dictionary | Full query string parameters payload in JSON format. |
Usage
Service class example (PEP8 syntax)
from falconpy import IOAExclusions
# Do not hardcode API credentials!
falcon = IOAExclusions(client_id=CLIENT_ID,
client_secret=CLIENT_SECRET
)
id_list = 'ID1,ID2,ID3' # Can also pass a list here: ['ID1', 'ID2', 'ID3']
response = falcon.delete_exclusions(comment="string", ids=id_list)
print(response)
Service class example (Operation ID syntax)
from falconpy import IOAExclusions
# Do not hardcode API credentials!
falcon = IOAExclusions(client_id=CLIENT_ID,
client_secret=CLIENT_SECRET
)
id_list = 'ID1,ID2,ID3' # Can also pass a list here: ['ID1', 'ID2', 'ID3']
response = falcon.deleteIOAExclusionsV1(comment="string", ids=id_list)
print(response)
Uber class example
from falconpy import APIHarnessV2
# Do not hardcode API credentials!
falcon = APIHarnessV2(client_id=CLIENT_ID,
client_secret=CLIENT_SECRET
)
id_list = 'ID1,ID2,ID3' # Can also pass a list here: ['ID1', 'ID2', 'ID3']
response = falcon.command("deleteIOAExclusionsV1", comment="string", ids=id_list)
print(response)
Back to Table of Contents
updateIOAExclusionsV1
Update the IOA exclusions
PEP8 method name
update_exclusions
Endpoint
| Method | Route |
|---|---|
 | /policy/entities/ioa-exclusions/v1 |
Required Scope
Content-Type
- Produces: application/json
Keyword Arguments
| Name | Service | Uber | Type | Data type | Description |
|---|---|---|---|---|---|
| body | | | body | dictionary | Full body payload in JSON format. |
| cl_regex | | | body | string | Command line regular expression. |
| comment | | | body | string | String comment describing why the exclusions was created. |
| description | | | body | string | Exclusion description. |
| detection_json | | | body | string | JSON formatted detection template. |
| groups | | | body | list of strings | Group ID(s) impacted by the exclusion. |
| id | | | body | string | ID of the exclusion to update. |
| ifn_regex | | | body | string | Indicator file name regular expression. |
| name | | | body | string | Name of the exclusion. |
| pattern_id | | | body | string | ID of the pattern to use for the exclusion. |
| pattern_name | | | body | string | Name of the pattern to use for the exclusion. |
Usage
Service class example (PEP8 syntax)
from falconpy import IOAExclusions
# Do not hardcode API credentials!
falcon = IOAExclusions(client_id=CLIENT_ID,
client_secret=CLIENT_SECRET
)
group_list = ['ID1', 'ID2', 'ID3']
response = falcon.update_exclusions(cl_regex="string",
comment="string",
description="string",
detection_json="string",
groups=group_list,
id="string",
ifn_regex="string",
name="string",
pattern_id="string",
pattern_name="string"
)
print(response)
Service class example (Operation ID syntax)
from falconpy import IOAExclusions
# Do not hardcode API credentials!
falcon = IOAExclusions(client_id=CLIENT_ID,
client_secret=CLIENT_SECRET
)
group_list = ['ID1', 'ID2', 'ID3']
response = falcon.updateIOAExclusionsV1(cl_regex="string",
comment="string",
description="string",
detection_json="string",
groups=group_list,
id="string",
ifn_regex="string",
name="string",
pattern_id="string",
pattern_name="string"
)
print(response)
Uber class example
from falconpy import APIHarnessV2
# Do not hardcode API credentials!
falcon = APIHarnessV2(client_id=CLIENT_ID,
client_secret=CLIENT_SECRET
)
group_list = ['ID1', 'ID2', 'ID3']
BODY = {
"cl_regex": "string",
"comment": "string",
"description": "string",
"detection_json": "string",
"groups": group_list,
"id": "string",
"ifn_regex": "string",
"name": "string",
"pattern_id": "string",
"pattern_name": "string"
}
response = falcon.command("updateIOAExclusionsV1", body=BODY)
print(response)
Back to Table of Contents
queryIOAExclusionsV1
Search for IOA exclusions.
PEP8 method name
query_exclusions
Endpoint
| Method | Route |
|---|---|
| /policy/queries/ioa-exclusions/v1 |
Required Scope
Content-Type
- Produces: application/json
Keyword Arguments
| Name | Service | Uber | Type | Data type | Description |
|---|---|---|---|---|---|
| cl_regex | | | query | string | Command line regular expression. |
| filter | | | query | string | The filter expression that should be used to limit the results. FQL syntax. Available filters:
|
| ifn_regex | | | query | string | Indicator file name regular expression. |
| limit | | | query | integer | The maximum number of records to return. [1-500] |
| offset | | | query | integer | The offset to start retrieving records from. |
| parameters | | | query | dictionary | Full query string parameters payload in JSON format. |
| sort | | | query | string | The property to sort by. FQL syntax. (e.g. last_behavior.asc) Available sort fields:
|
Usage
Service class example (PEP8 syntax)
from falconpy import IOAExclusions
# Do not hardcode API credentials!
falcon = IOAExclusions(client_id=CLIENT_ID,
client_secret=CLIENT_SECRET
)
response = falcon.query_exclusions(cl_regex="string",
filter="string",
offset=integer,
ifn_regex="string",
limit=integer,
sort="string"
)
print(response)
Service class example (Operation ID syntax)
from falconpy import IOAExclusions
# Do not hardcode API credentials!
falcon = IOAExclusions(client_id=CLIENT_ID,
client_secret=CLIENT_SECRET
)
response = falcon.queryIOAExclusionsV1(cl_regex="string",
filter="string",
offset=integer,
ifn_regex="string",
limit=integer,
sort="string"
)
print(response)
Uber class example
from falconpy import APIHarnessV2
# Do not hardcode API credentials!
falcon = APIHarnessV2(client_id=CLIENT_ID,
client_secret=CLIENT_SECRET
)
response = falcon.command("queryIOAExclusionsV1",
cl_regex="string",
filter="string",
offset=integer,
ifn_regex="string",
limit=integer,
sort="string"
)
print(response)
Back to Table of Contents
ss_ioa_exclusions_aggregates_v2
Get Self Service IOA Exclusion aggregates as specified via json in the request body.
PEP8 method name
get_ss_exclusion_aggregates
Endpoint
| Method | Route |
|---|---|
| /exclusions/aggregates/ss-ioa-exclusions/GET/v2 |
Required Scope
Content-Type
- Produces: application/json
Keyword Arguments
| Name | Service | Uber | Type | Data type | Description |
|---|---|---|---|---|---|
| body | | | body | dictionary | Full body payload in JSON format. |
| cl_regex | | | query | string | The cl_regex expression to filter exclusion aggregations by. |
| date_ranges | | | body | list of dictionaries | Date range specifications. |
| exclude | | | body | string | Exclusion string. |
| extended_bounds | | | body | dictionary | Extended bounds specification. |
| field | | | body | string | Field to aggregate on. |
| filter | | | body | string | FQL filter expression. |
| filters_spec | | | body | dictionary | Filter specification. |
| from | | | body | integer | Starting position. |
| grandparent_cl_regex | | | query | string | The grandparent_cl_regex expression to filter exclusion aggregations by. |
| grandparent_ifn_regex | | | query | string | The grandparent_ifn_regex expression to filter exclusion aggregations by. |
| ifn_regex | | | query | string | The ifn_regex expression to filter exclusion aggregations by. |
| include | | | body | string | Include string. |
| interval | | | body | string | Time interval for date histogram aggregations. |
| max_doc_count | | | body | integer | Maximum document count. |
| min_doc_count | | | body | integer | Minimum document count. |
| missing | | | body | string | Missing value. |
| name | | | body | string | Aggregation name. |
| parameters | | | query | dictionary | Full query string parameters payload in JSON format. |
| parent_cl_regex | | | query | string | The parent_cl_regex expression to filter exclusion aggregations by. |
| parent_ifn_regex | | | query | string | The parent_ifn_regex expression to filter exclusion aggregations by. |
| percents | | | body | list of integers | Percentile values. |
| q | | | body | string | FQL syntax query. |
| ranges | | | body | list of dictionaries | Range specifications. |
| size | | | body | integer | Maximum number of results to return. |
| sort | | | body | string | Sort expression. |
| sub_aggregates | | | body | list | Sub-aggregation specifications. |
| time_zone | | | body | string | Time zone for date aggregations. |
| type | | | body | string | Aggregation type. |
Usage
Service class example (PEP8 syntax)
from falconpy import IOAExclusions
# Do not hardcode API credentials!
falcon = IOAExclusions(client_id=CLIENT_ID,
client_secret=CLIENT_SECRET
)
response = falcon.get_ss_exclusion_aggregates(field="string",
filter="string",
name="string",
size=integer,
sort="string",
type="string",
ifn_regex="string",
cl_regex="string",
parent_ifn_regex="string",
parent_cl_regex="string",
grandparent_ifn_regex="string",
grandparent_cl_regex="string"
)
print(response)
Service class example (Operation ID syntax)
from falconpy import IOAExclusions
# Do not hardcode API credentials!
falcon = IOAExclusions(client_id=CLIENT_ID,
client_secret=CLIENT_SECRET
)
response = falcon.ss_ioa_exclusions_aggregates_v2(field="string",
filter="string",
name="string",
size=integer,
sort="string",
type="string",
ifn_regex="string",
cl_regex="string",
parent_ifn_regex="string",
parent_cl_regex="string",
grandparent_ifn_regex="string",
grandparent_cl_regex="string"
)
print(response)
Uber class example
from falconpy import APIHarnessV2
# Do not hardcode API credentials!
falcon = APIHarnessV2(client_id=CLIENT_ID,
client_secret=CLIENT_SECRET
)
BODY = {
"field": "string",
"filter": "string",
"name": "string",
"size": integer,
"sort": "string",
"type": "string"
}
response = falcon.command("ss_ioa_exclusions_aggregates_v2",
ifn_regex="string",
cl_regex="string",
parent_ifn_regex="string",
parent_cl_regex="string",
grandparent_ifn_regex="string",
grandparent_cl_regex="string",
body=BODY
)
print(response)
Back to Table of Contents
ss_ioa_exclusions_get_reports_v2
Create a report of Self Service IOA Exclusions scoped by the given filters.
PEP8 method name
get_ss_exclusion_reports_v2
Endpoint
| Method | Route |
|---|---|
| /exclusions/entities/ss-ioa-exclusions/reports/v2 |
Required Scope
Content-Type
- Produces: application/json
Keyword Arguments
| Name | Service | Uber | Type | Data type | Description |
|---|---|---|---|---|---|
| body | | | body | dictionary | Full body payload in JSON format. |
| report_format | | | body | string | Report format. |
| search | | | body | dictionary | Search filter and sort specification. |
Usage
Service class example (PEP8 syntax)
from falconpy import IOAExclusions
# Do not hardcode API credentials!
falcon = IOAExclusions(client_id=CLIENT_ID,
client_secret=CLIENT_SECRET
)
search = {
"filter": "string",
"sort": "string"
}
response = falcon.get_ss_exclusion_reports_v2(report_format="string",
search=search
)
print(response)
Service class example (Operation ID syntax)
from falconpy import IOAExclusions
# Do not hardcode API credentials!
falcon = IOAExclusions(client_id=CLIENT_ID,
client_secret=CLIENT_SECRET
)
search = {
"filter": "string",
"sort": "string"
}
response = falcon.ss_ioa_exclusions_get_reports_v2(report_format="string",
search=search
)
print(response)
Uber class example
from falconpy import APIHarnessV2
# Do not hardcode API credentials!
falcon = APIHarnessV2(client_id=CLIENT_ID,
client_secret=CLIENT_SECRET
)
BODY = {
"report_format": "string",
"search": {
"filter": "string",
"sort": "string"
}
}
response = falcon.command("ss_ioa_exclusions_get_reports_v2", body=BODY)
print(response)
Back to Table of Contents
ss_ioa_exclusions_get_v2
Get the Self Service IOA Exclusions rules by id.
PEP8 method name
get_ss_exclusion_rules_v2
Endpoint
| Method | Route |
|---|---|
| /exclusions/entities/ss-ioa-exclusions/v2 |
Required Scope
Content-Type
- Produces: application/json
Keyword Arguments
| Name | Service | Uber | Type | Data type | Description |
|---|---|---|---|---|---|
| ids | | | query | string or list of strings | The IDs of the exclusions to retrieve. |
| parameters | | | query | dictionary | Full query string parameters payload in JSON format. |
Usage
Service class example (PEP8 syntax)
from falconpy import IOAExclusions
# Do not hardcode API credentials!
falcon = IOAExclusions(client_id=CLIENT_ID,
client_secret=CLIENT_SECRET
)
id_list = 'ID1,ID2,ID3' # Can also pass a list here: ['ID1', 'ID2', 'ID3']
response = falcon.get_ss_exclusion_rules_v2(ids=id_list)
print(response)
Service class example (Operation ID syntax)
from falconpy import IOAExclusions
# Do not hardcode API credentials!
falcon = IOAExclusions(client_id=CLIENT_ID,
client_secret=CLIENT_SECRET
)
id_list = 'ID1,ID2,ID3' # Can also pass a list here: ['ID1', 'ID2', 'ID3']
response = falcon.ss_ioa_exclusions_get_v2(ids=id_list)
print(response)
Uber class example
from falconpy import APIHarnessV2
# Do not hardcode API credentials!
falcon = APIHarnessV2(client_id=CLIENT_ID,
client_secret=CLIENT_SECRET
)
id_list = 'ID1,ID2,ID3' # Can also pass a list here: ['ID1', 'ID2', 'ID3']
response = falcon.command("ss_ioa_exclusions_get_v2", ids=id_list)
print(response)
Back to Table of Contents
ss_ioa_exclusions_create_v2
Create new Self Service IOA Exclusions.
PEP8 method name
create_ss_exclusions
Endpoint
| Method | Route |
|---|---|
| /exclusions/entities/ss-ioa-exclusions/v2 |
Required Scope
Content-Type
- Produces: application/json
Keyword Arguments
| Name | Service | Uber | Type | Data type | Description |
|---|---|---|---|---|---|
| body | | | body | dictionary | Full body payload in JSON format. |
| exclusions | | | body | list of dictionaries | List of exclusion definitions. |
Usage
Service class example (PEP8 syntax)
from falconpy import IOAExclusions
# Do not hardcode API credentials!
falcon = IOAExclusions(client_id=CLIENT_ID,
client_secret=CLIENT_SECRET
)
exclusions = [
{
"cl_regex": "string",
"comment": "string",
"description": "string",
"detection_json": "string",
"grandparent_cl_regex": "string",
"grandparent_ifn_regex": "string",
"host_groups": ["string"],
"ifn_regex": "string",
"name": "string",
"parent_cl_regex": "string",
"parent_ifn_regex": "string",
"pattern_id": "string",
"pattern_name": "string"
}
]
response = falcon.create_ss_exclusions(exclusions=exclusions)
print(response)
Service class example (Operation ID syntax)
from falconpy import IOAExclusions
# Do not hardcode API credentials!
falcon = IOAExclusions(client_id=CLIENT_ID,
client_secret=CLIENT_SECRET
)
exclusions = [
{
"cl_regex": "string",
"comment": "string",
"description": "string",
"detection_json": "string",
"grandparent_cl_regex": "string",
"grandparent_ifn_regex": "string",
"host_groups": ["string"],
"ifn_regex": "string",
"name": "string",
"parent_cl_regex": "string",
"parent_ifn_regex": "string",
"pattern_id": "string",
"pattern_name": "string"
}
]
response = falcon.ss_ioa_exclusions_create_v2(exclusions=exclusions)
print(response)
Uber class example
from falconpy import APIHarnessV2
# Do not hardcode API credentials!
falcon = APIHarnessV2(client_id=CLIENT_ID,
client_secret=CLIENT_SECRET
)
BODY = {
"exclusions": [
{
"cl_regex": "string",
"comment": "string",
"description": "string",
"detection_json": "string",
"grandparent_cl_regex": "string",
"grandparent_ifn_regex": "string",
"host_groups": ["string"],
"ifn_regex": "string",
"name": "string",
"parent_cl_regex": "string",
"parent_ifn_regex": "string",
"pattern_id": "string",
"pattern_name": "string"
}
]
}
response = falcon.command("ss_ioa_exclusions_create_v2", body=BODY)
print(response)
Back to Table of Contents
ss_ioa_exclusions_update_v2
Update the Self Service IOA Exclusions rule by id.
PEP8 method name
update_ss_exclusions
Endpoint
| Method | Route |
|---|---|
| /exclusions/entities/ss-ioa-exclusions/v2 |
Required Scope
Content-Type
- Produces: application/json
Keyword Arguments
| Name | Service | Uber | Type | Data type | Description |
|---|---|---|---|---|---|
| body | | | body | dictionary | Full body payload in JSON format. |
| exclusions | | | body | list of dictionaries | List of exclusion definitions. |
Usage
Service class example (PEP8 syntax)
from falconpy import IOAExclusions
# Do not hardcode API credentials!
falcon = IOAExclusions(client_id=CLIENT_ID,
client_secret=CLIENT_SECRET
)
exclusions = [
{
"cl_regex": "string",
"comment": "string",
"description": "string",
"detection_json": "string",
"grandparent_cl_regex": "string",
"grandparent_ifn_regex": "string",
"host_groups": ["string"],
"id": "string",
"ifn_regex": "string",
"name": "string",
"parent_cl_regex": "string",
"parent_ifn_regex": "string",
"pattern_id": "string",
"pattern_name": "string"
}
]
response = falcon.update_ss_exclusions(exclusions=exclusions)
print(response)
Service class example (Operation ID syntax)
from falconpy import IOAExclusions
# Do not hardcode API credentials!
falcon = IOAExclusions(client_id=CLIENT_ID,
client_secret=CLIENT_SECRET
)
exclusions = [
{
"cl_regex": "string",
"comment": "string",
"description": "string",
"detection_json": "string",
"grandparent_cl_regex": "string",
"grandparent_ifn_regex": "string",
"host_groups": ["string"],
"id": "string",
"ifn_regex": "string",
"name": "string",
"parent_cl_regex": "string",
"parent_ifn_regex": "string",
"pattern_id": "string",
"pattern_name": "string"
}
]
response = falcon.ss_ioa_exclusions_update_v2(exclusions=exclusions)
print(response)
Uber class example
from falconpy import APIHarnessV2
# Do not hardcode API credentials!
falcon = APIHarnessV2(client_id=CLIENT_ID,
client_secret=CLIENT_SECRET
)
BODY = {
"exclusions": [
{
"cl_regex": "string",
"comment": "string",
"description": "string",
"detection_json": "string",
"grandparent_cl_regex": "string",
"grandparent_ifn_regex": "string",
"host_groups": ["string"],
"id": "string",
"ifn_regex": "string",
"name": "string",
"parent_cl_regex": "string",
"parent_ifn_regex": "string",
"pattern_id": "string",
"pattern_name": "string"
}
]
}
response = falcon.command("ss_ioa_exclusions_update_v2", body=BODY)
print(response)
Back to Table of Contents
ss_ioa_exclusions_delete_v2
Delete the Self Service IOA Exclusions rule by id.
PEP8 method name
delete_ss_exclusions
Endpoint
| Method | Route |
|---|---|
| /exclusions/entities/ss-ioa-exclusions/v2 |
Required Scope
Content-Type
- Produces: application/json
Keyword Arguments
| Name | Service | Uber | Type | Data type | Description |
|---|---|---|---|---|---|
| comment | | | query | string | The comment why these ss ioa exclusions were deleted. |
| ids | | | query | string or list of strings | The IDs of the exclusions to delete. |
| parameters | | | query | dictionary | Full query string parameters payload in JSON format. |
Usage
Service class example (PEP8 syntax)
from falconpy import IOAExclusions
# Do not hardcode API credentials!
falcon = IOAExclusions(client_id=CLIENT_ID,
client_secret=CLIENT_SECRET
)
id_list = 'ID1,ID2,ID3' # Can also pass a list here: ['ID1', 'ID2', 'ID3']
response = falcon.delete_ss_exclusions(comment="string", ids=id_list)
print(response)
Service class example (Operation ID syntax)
from falconpy import IOAExclusions
# Do not hardcode API credentials!
falcon = IOAExclusions(client_id=CLIENT_ID,
client_secret=CLIENT_SECRET
)
id_list = 'ID1,ID2,ID3' # Can also pass a list here: ['ID1', 'ID2', 'ID3']
response = falcon.ss_ioa_exclusions_delete_v2(comment="string", ids=id_list)
print(response)
Uber class example
from falconpy import APIHarnessV2
# Do not hardcode API credentials!
falcon = APIHarnessV2(client_id=CLIENT_ID,
client_secret=CLIENT_SECRET
)
id_list = 'ID1,ID2,ID3' # Can also pass a list here: ['ID1', 'ID2', 'ID3']
response = falcon.command("ss_ioa_exclusions_delete_v2", comment="string", ids=id_list)
print(response)
Back to Table of Contents
ss_ioa_exclusions_matched_rule_v2
Get Self Service IOA Exclusions rules for matched IFN/CLI for child, parent and grandparent.
PEP8 method name
get_ss_exclusion_matched_rules
Endpoint
| Method | Route |
|---|---|
| /exclusions/entities/ss-ioa-matched-rules/v2 |
Required Scope
Content-Type
- Produces: application/json
Keyword Arguments
| Name | Service | Uber | Type | Data type | Description |
|---|---|---|---|---|---|
| aid | | | body | string | Agent ID. |
| body | | | body | dictionary | Full body payload in JSON format. |
| command_line | | | body | string | Command line. |
| grandparent_command_line | | | body | string | Grandparent command line. |
| grandparent_image_file_name | | | body | string | Grandparent image file name. |
| image_file_name | | | body | string | Image file name. |
| parent_command_line | | | body | string | Parent command line. |
| parent_image_file_name | | | body | string | Parent image file name. |
| pattern_ids | | | body | list of strings | Pattern IDs. |
Usage
Service class example (PEP8 syntax)
from falconpy import IOAExclusions
# Do not hardcode API credentials!
falcon = IOAExclusions(client_id=CLIENT_ID,
client_secret=CLIENT_SECRET
)
response = falcon.get_ss_exclusion_matched_rules(aid="string",
command_line="string",
grandparent_command_line="string",
grandparent_image_file_name="string",
image_file_name="string",
parent_command_line="string",
parent_image_file_name="string",
pattern_ids=["string"]
)
print(response)
Service class example (Operation ID syntax)
from falconpy import IOAExclusions
# Do not hardcode API credentials!
falcon = IOAExclusions(client_id=CLIENT_ID,
client_secret=CLIENT_SECRET
)
response = falcon.ss_ioa_exclusions_matched_rule_v2(aid="string",
command_line="string",
grandparent_command_line="string",
grandparent_image_file_name="string",
image_file_name="string",
parent_command_line="string",
parent_image_file_name="string",
pattern_ids=["string"]
)
print(response)
Uber class example
from falconpy import APIHarnessV2
# Do not hardcode API credentials!
falcon = APIHarnessV2(client_id=CLIENT_ID,
client_secret=CLIENT_SECRET
)
BODY = {
"aid": "string",
"command_line": "string",
"grandparent_command_line": "string",
"grandparent_image_file_name": "string",
"image_file_name": "string",
"parent_command_line": "string",
"parent_image_file_name": "string",
"pattern_ids": ["string"]
}
response = falcon.command("ss_ioa_exclusions_matched_rule_v2", body=BODY)
print(response)
Back to Table of Contents
ss_ioa_exclusions_new_rules_v2
Get defaults for Self Service IOA Exclusions based on provided IFN/CLI for child, parent and grandparent.
PEP8 method name
get_default_ss_exclusions
Endpoint
| Method | Route |
|---|---|
| /exclusions/entities/ss-ioa-new-rules/v2 |
Required Scope
Content-Type
- Produces: application/json
Keyword Arguments
| Name | Service | Uber | Type | Data type | Description |
|---|---|---|---|---|---|
| aid | | | body | string | Agent ID. |
| body | | | body | dictionary | Full body payload in JSON format. |
| command_line | | | body | string | Command line. |
| grandparent_command_line | | | body | string | Grandparent command line. |
| grandparent_image_file_name | | | body | string | Grandparent image file name. |
| image_file_name | | | body | string | Image file name. |
| parent_command_line | | | body | string | Parent command line. |
| parent_image_file_name | | | body | string | Parent image file name. |
Usage
Service class example (PEP8 syntax)
from falconpy import IOAExclusions
# Do not hardcode API credentials!
falcon = IOAExclusions(client_id=CLIENT_ID,
client_secret=CLIENT_SECRET
)
response = falcon.get_default_ss_exclusions(aid="string",
command_line="string",
grandparent_command_line="string",
grandparent_image_file_name="string",
image_file_name="string",
parent_command_line="string",
parent_image_file_name="string"
)
print(response)
Service class example (Operation ID syntax)
from falconpy import IOAExclusions
# Do not hardcode API credentials!
falcon = IOAExclusions(client_id=CLIENT_ID,
client_secret=CLIENT_SECRET
)
response = falcon.ss_ioa_exclusions_new_rules_v2(aid="string",
command_line="string",
grandparent_command_line="string",
grandparent_image_file_name="string",
image_file_name="string",
parent_command_line="string",
parent_image_file_name="string"
)
print(response)
Uber class example
from falconpy import APIHarnessV2
# Do not hardcode API credentials!
falcon = APIHarnessV2(client_id=CLIENT_ID,
client_secret=CLIENT_SECRET
)
BODY = {
"aid": "string",
"command_line": "string",
"grandparent_command_line": "string",
"grandparent_image_file_name": "string",
"image_file_name": "string",
"parent_command_line": "string",
"parent_image_file_name": "string"
}
response = falcon.command("ss_ioa_exclusions_new_rules_v2", body=BODY)
print(response)
Back to Table of Contents
ss_ioa_exclusions_search_v2
Search for Self Service IOA Exclusions.
PEP8 method name
query_ss_exclusions
Endpoint
| Method | Route |
|---|---|
| /exclusions/queries/ss-ioa-exclusions/v2 |
Required Scope
Content-Type
- Produces: application/json
Keyword Arguments
| Name | Service | Uber | Type | Data type | Description |
|---|---|---|---|---|---|
| cl_regex | | | query | string | The cl_regex expression to filter exclusions by. |
| filter | | | query | string | The filter expression that should be used to limit the results. |
| grandparent_cl_regex | | | query | string | The grandparent_cl_regex expression to filter exclusions by. |
| grandparent_ifn_regex | | | query | string | The grandparent_ifn_regex expression to filter exclusions by. |
| ifn_regex | | | query | string | The ifn_regex expression to filter exclusions by. |
| limit | | | query | integer | The maximum records to return. [1-500] |
| offset | | | query | integer | The offset to start retrieving records from. |
| parameters | | | query | dictionary | Full query string parameters payload in JSON format. |
| parent_cl_regex | | | query | string | The parent_cl_regex expression to filter exclusions by. |
| parent_ifn_regex | | | query | string | The parent_ifn_regex expression to filter exclusions by. |
| sort | | | query | string | The sort expression that should be used to sort the results. |
Usage
Service class example (PEP8 syntax)
from falconpy import IOAExclusions
# Do not hardcode API credentials!
falcon = IOAExclusions(client_id=CLIENT_ID,
client_secret=CLIENT_SECRET
)
response = falcon.query_ss_exclusions(filter="string",
ifn_regex="string",
cl_regex="string",
parent_ifn_regex="string",
parent_cl_regex="string",
grandparent_ifn_regex="string",
grandparent_cl_regex="string",
offset=integer,
limit=integer,
sort="string"
)
print(response)
Service class example (Operation ID syntax)
from falconpy import IOAExclusions
# Do not hardcode API credentials!
falcon = IOAExclusions(client_id=CLIENT_ID,
client_secret=CLIENT_SECRET
)
response = falcon.ss_ioa_exclusions_search_v2(filter="string",
ifn_regex="string",
cl_regex="string",
parent_ifn_regex="string",
parent_cl_regex="string",
grandparent_ifn_regex="string",
grandparent_cl_regex="string",
offset=integer,
limit=integer,
sort="string"
)
print(response)
Uber class example
from falconpy import APIHarnessV2
# Do not hardcode API credentials!
falcon = APIHarnessV2(client_id=CLIENT_ID,
client_secret=CLIENT_SECRET
)
response = falcon.command("ss_ioa_exclusions_search_v2",
filter="string",
ifn_regex="string",
cl_regex="string",
parent_ifn_regex="string",
parent_cl_regex="string",
grandparent_ifn_regex="string",
grandparent_cl_regex="string",
offset=integer,
limit=integer,
sort="string"
)
print(response)
Back to Table of Contents