select instance_id, hostname, last_login_timestampfrom crowdstrike_host;
select hostname, device_policiesfrom crowdstrike_hostwhere (device_policies -> 'firewall' -> 'applied') :: bool = false;
select detection_id, created_timestamp, device ->> 'device_id' as device_id, device ->> 'hostname' as hostname, device ->> 'platform_name' as platform_name, device ->> 'os_version' as os_version, statusfrom crowdstrike_detectionwhere status = 'open' and now() - created_timestamp > interval '4 days';
Parameter | Description |
---|---|
SQL statement | The SQL statement we wish to use to query the resource. |
Output format | Representation of the output result. The possible options are “Table”, “CSV” or “JSON”. |
Was this page helpful?