Using the Serverless Exports service collection

Documentation Version

Operation ID

Description

ReadExportJobsMixin0
PEP 8	read_export_jobs

Read export jobs entities.

QueryExportJobsMixin0
PEP 8	query_export_jobs

Query export jobs entities.

DownloadExportFileMixin0
PEP 8	download_export_file

Download an export file.

GetCombinedVulnerabilitiesSARIF
PEP 8	get_vulnerabilities

Retrieve all lambda vulnerabilities that match the given query and return in the SARIF format.

LaunchExportJobMixin0
PEP 8	launch_export_job

Launch an export job of a Lambda Security resource.

Passing credentials

WARNING

client_id and client_secret are keyword arguments that contain your CrowdStrike API credentials. Please note that all examples below do not hard code these values. (These values are ingested as strings.)

CrowdStrike does not recommend hard coding API credentials or customer identifiers within source code.

ReadExportJobsMixin0

Read export jobs entities.

PEP8 method name

read_export_jobs

Endpoint

Method	Route
	`/lambdas/entities/exports/v1`

Required Scope

Content-Type

Produces: application/json

Keyword Arguments

Name	Service	Uber	Type	Data type	Description
ids			query	string or list of strings	Export Job IDs to read. Allowed up to 100 IDs per request.
parameters			query	dictionary	Full query string parameters payload in JSON format.

Usage

Service class example (PEP8 syntax)

from falconpy import ServerlessExports

# Do not hardcode API credentials!
falcon = ServerlessExports(client_id=CLIENT_ID,
                           client_secret=CLIENT_SECRET
                           )

id_list = 'ID1,ID2,ID3'  # Can also pass a list here: ['ID1', 'ID2', 'ID3']

response = falcon.read_export_jobs(ids=id_list)
print(response)

Service class example (Operation ID syntax)

from falconpy import ServerlessExports

# Do not hardcode API credentials!
falcon = ServerlessExports(client_id=CLIENT_ID,
                           client_secret=CLIENT_SECRET
                           )

id_list = 'ID1,ID2,ID3'  # Can also pass a list here: ['ID1', 'ID2', 'ID3']

response = falcon.ReadExportJobsMixin0(ids=id_list)
print(response)

Uber class example

from falconpy import APIHarnessV2

# Do not hardcode API credentials!
falcon = APIHarnessV2(client_id=CLIENT_ID,
                      client_secret=CLIENT_SECRET
                      )

id_list = 'ID1,ID2,ID3'  # Can also pass a list here: ['ID1', 'ID2', 'ID3']

response = falcon.command("ReadExportJobsMixin0", ids=id_list)
print(response)

Back to Table of Contents

QueryExportJobsMixin0

Query export jobs entities.

PEP8 method name

query_export_jobs

Endpoint

Method	Route
	`/lambdas/queries/exports/v1`

Required Scope

Content-Type

Produces: application/json

Keyword Arguments

Name	Service	Uber	Type	Data type	Description
filter			query	string	Filter exports using a query in Falcon Query Language (FQL). Only the last 100 jobs are returned. Supported filter fields: `resource`, `status`.
parameters			query	dictionary	Full query string parameters payload in JSON format.

Usage

Service class example (PEP8 syntax)

from falconpy import ServerlessExports

# Do not hardcode API credentials!
falcon = ServerlessExports(client_id=CLIENT_ID,
                           client_secret=CLIENT_SECRET
                           )

response = falcon.query_export_jobs(filter="string")
print(response)

Service class example (Operation ID syntax)

from falconpy import ServerlessExports

# Do not hardcode API credentials!
falcon = ServerlessExports(client_id=CLIENT_ID,
                           client_secret=CLIENT_SECRET
                           )

response = falcon.QueryExportJobsMixin0(filter="string")
print(response)

Uber class example

from falconpy import APIHarnessV2

# Do not hardcode API credentials!
falcon = APIHarnessV2(client_id=CLIENT_ID,
                      client_secret=CLIENT_SECRET
                      )

response = falcon.command("QueryExportJobsMixin0", filter="string")
print(response)

Back to Table of Contents

DownloadExportFileMixin0

Download an export file.

PEP8 method name

download_export_file

Endpoint

Method	Route
	`/lambdas/entities/exports/files/v1`

Required Scope

Content-Type

Produces: application/json

Keyword Arguments

Name	Service	Uber	Type	Data type	Description
id			query	string	Export job ID.
parameters			query	dictionary	Full query string parameters payload in JSON format.

Usage

Service class example (PEP8 syntax)

from falconpy import ServerlessExports

# Do not hardcode API credentials!
falcon = ServerlessExports(client_id=CLIENT_ID,
                           client_secret=CLIENT_SECRET
                           )

response = falcon.download_export_file(id="string")
print(response)

Service class example (Operation ID syntax)

from falconpy import ServerlessExports

# Do not hardcode API credentials!
falcon = ServerlessExports(client_id=CLIENT_ID,
                           client_secret=CLIENT_SECRET
                           )

response = falcon.DownloadExportFileMixin0(id="string")
print(response)

Uber class example

from falconpy import APIHarnessV2

# Do not hardcode API credentials!
falcon = APIHarnessV2(client_id=CLIENT_ID,
                      client_secret=CLIENT_SECRET
                      )

response = falcon.command("DownloadExportFileMixin0", id="string")
print(response)

Back to Table of Contents

LaunchExportJobMixin0

Launch an export job of a Lambda Security resource. Maximum of 1 job in progress per resource. Use expand_vulnerabilities=true to get detailed vulnerability information.

PEP8 method name

launch_export_job

Endpoint

Method	Route
	`/lambdas/entities/exports/v1`

Required Scope

Content-Type

Produces: application/json

Keyword Arguments

Name	Type	Data type	Description
expand_vulnerabilities	body	boolean	Flag to include detailed vulnerability information.
format	body	string	The export file format.
fql	body	string	Filter the export using Falcon Query Language (FQL).
resource	body	string	The resource to export. Supported resources: `function.detections`, `function.vulnerabilities-expanded`, `function.vulnerabilities`.
sort	body	string	The fields to sort the records on.
body	body	dictionary	Full body payload as a JSON formatted dictionary.

Usage

Service class example (PEP8 syntax)

from falconpy import ServerlessExports

# Do not hardcode API credentials!
falcon = ServerlessExports(client_id=CLIENT_ID,
                           client_secret=CLIENT_SECRET
                           )

response = falcon.launch_export_job(expand_vulnerabilities=boolean,
                                    format="string",
                                    fql="string",
                                    resource="string",
                                    sort="string"
                                    )
print(response)

Service class example (Operation ID syntax)

from falconpy import ServerlessExports

# Do not hardcode API credentials!
falcon = ServerlessExports(client_id=CLIENT_ID,
                           client_secret=CLIENT_SECRET
                           )

response = falcon.LaunchExportJobMixin0(expand_vulnerabilities=boolean,
                                        format="string",
                                        fql="string",
                                        resource="string",
                                        sort="string"
                                        )
print(response)

Uber class example

from falconpy import APIHarnessV2

# Do not hardcode API credentials!
falcon = APIHarnessV2(client_id=CLIENT_ID,
                      client_secret=CLIENT_SECRET
                      )

response = falcon.command("LaunchExportJobMixin0",
                          body={
                              "expand_vulnerabilities": boolean,
                              "format": "string",
                              "fql": "string",
                              "resource": "string",
                              "sort": "string"
                          })
print(response)

Back to Table of Contents

The CrowdStrike Falcon Wiki for Python