Skip to main content

Documentation Index

Fetch the complete documentation index at: https://docs.blinkops.com/llms.txt

Use this file to discover all available pages before exploring further.

Get details on one or more hosts by providing a comma-separated list of agent IDs (AID). You can get a host’s agent IDs (AIDs) from the “List Devices” action. The following permission is required to run this action:
  • Hosts: Read.
External DocumentationTo learn more, visit the CrowdStrike documentation.

Parameters

ParameterDescription
Devices IDsA comma-separated list of the device IDs to get details on. Can be obtained via the List Devices action.

Example Output

{
  "meta": {
    "query_time": 0.001494733,
    "powered_by": "device-api",
    "trace_id": "213456-123456-12345-23145-12345678"
  },
  "resources": [
    {
      "device_id": "1234567891234567893245678",
      "cid": "12987343207031295703",
      "agent_load_flags": "0",
      "agent_local_time": "2023-01-10T23:43:52.948Z",
      "agent_version": "6.49.16303.0",
      "bios_manufacturer": "Xen",
      "bios_version": "4.11.amazon",
      "build_number": "0000",
      "config_id_base": "12345",
      "config_id_build": "12345",
      "config_id_platform": "3",
      "cpu_signature": "12345",
      "external_ip": "0.0000.000.000",
      "mac_address": "00-00-00-00-00-00",
      "instance_id": "i-123123123123",
      "service_provider": "AWS_EC2_V2",
      "service_provider_account_id": "12344556789",
      "hostname": "WIN-EEEEEEE",
      "first_seen": "2022-12-20T07:15:32Z",
      "last_seen": "2023-01-18T19:06:21Z",
      "local_ip": "000.00.00.000",
      "major_version": "6",
      "minor_version": "3",
      "os_version": "Windows Server 2012 R2",
      "os_build": "9600",
      "platform_id": "0",
      "platform_name": "Windows",
      "policies": [
        {
          "policy_type": "prevention",
          "policy_id": "123445678891234567890",
          "applied": true,
          "settings_hash": "00000",
          "assigned_date": "2022-12-20T07:16:48.099669988Z",
          "applied_date": "2022-12-20T07:16:55.777285268Z",
          "rule_groups": []
        }
      ],
      "reduced_functionality_mode": "no",
      "device_policies": {
        "prevention": {
          "policy_type": "prevention",
          "policy_id": "123445678891234567890",
          "applied": true,
          "settings_hash": "00000",
          "assigned_date": "2022-12-20T07:16:48.099669988Z",
          "applied_date": "2022-12-20T07:16:55.777285268Z",
          "rule_groups": []
        },
        "sensor_update": {
          "policy_type": "sensor-update",
          "policy_id": "123445678891234567890",
          "applied": true,
          "settings_hash": "tagged|1;101",
          "assigned_date": "2023-01-11T00:13:55.90159299Z",
          "applied_date": "2023-01-11T00:16:35.67695318Z",
          "uninstall_protection": "ENABLED"
        },
        "device_control": {
          "policy_type": "device-control",
          "policy_id": "123445678891234567890",
          "applied": false,
          "assigned_date": "2023-01-18T19:20:15.474833061Z",
          "applied_date": null
        },
        "global_config": {
          "policy_type": "globalconfig",
          "policy_id": "123445678891234567890",
          "applied": true,
          "settings_hash": "00000",
          "assigned_date": "2023-01-18T00:06:12.114878175Z",
          "applied_date": "2023-01-18T00:12:30.222679248Z"
        },
        "remote_response": {
          "policy_type": "remote-response",
          "policy_id": "123445678891234567890",
          "applied": true,
          "settings_hash": "000000",
          "assigned_date": "2022-12-20T10:15:24.029880099Z",
          "applied_date": "2022-12-20T10:16:30.644256926Z"
        },
        "firewall": {
          "policy_type": "firewall",
          "policy_id": "123445678891234567890",
          "applied": true,
          "assigned_date": "2022-12-20T07:16:48.099640843Z",
          "applied_date": "2022-12-20T07:18:27.779111459Z",
          "rule_set_id": "123445678891234567890"
        }
      },
      "groups": [
        "123445678891234567890",
        "123445678891234567890"
      ],
      "group_hash": "123445678891234567890123445678891234567890123445678891234567890",
      "product_type": "3",
      "product_type_desc": "Server",
      "provision_status": "Provisioned",
      "serial_number": "000000-0000-000-00000-000000000",
      "service_pack_minor": "0",
      "pointer_size": "8",
      "status": "normal",
      "system_manufacturer": "Xen",
      "system_product_name": "HVM domU",
      "tags": [],
      "modified_timestamp": "2023-01-18T19:20:15Z",
      "meta": {
        "version": "8486",
        "version_string": "3:0000000"
      },
      "zone_group": "eu-west-1b",
      "kernel_version": "6.3.9600.20718",
      "connection_ip": "000.00.00.000",
      "default_gateway_ip": "000.00.00.000",
      "connection_mac_address": "00-00-00-00-00-00"
    },
  ],
  "errors": []
}

Workflow Library Example

Remove Crowdstrike Falcon Sensors Inactive in The Last 12 Hours
Workflow LibraryPreview this Workflow on desktop