Skip to main content

Documentation Index

Fetch the complete documentation index at: https://docs.blinkops.com/llms.txt

Use this file to discover all available pages before exploring further.

Get the number of hosts in your customer account that have observed a given customer IOC. Note: This response has a limit of 2,000 hosts. If there are more than 2,000 hosts, limit_exceeded is returned as true in the response. You can use the Search Across Devices action to page through results for hosts counts over 2,000. The following permission is required to run this action:
  • IOC Management: Read and Write.
  • IOCs (Indicators of Compromise): Read.
Note: An error with 404 response code may occur if no devices are found for the indicator, or if the host has aged out.
External DocumentationTo learn more, visit the CrowdStrike documentation.

Parameters

ParameterDescription
Indicator TypeThe type of the indicator.
ValueThe string representation of the indicator, can be obtained by using the Get Indicator Details.

Example Output

{
	"meta": {
		"query_time": 0.041169611,
		"trace_id": "7e2c0465-81ce-41b0-b87f-1a2ffb96f65c"
	},
	"resources": [
		{
			"id": "domain:example.com",
			"type": "domain",
			"value": "example.com",
			"device_count": 13
		}
	],
	"errors": []
}

Workflow Library Example

Get Devices Count for Ioc with Crowdstrike and Send Results Via Email
Workflow LibraryPreview this Workflow on desktop