Get the details of a prevention policy.

The following permissions are required to run this action:

  • Prevention policies: Read.

External Documentation

To learn more, visit the CrowdStrike documentation.

Parameters

ParameterDescription
Policy IDThe unique identifier of the required prevention policy.

Example Output

{
	"errors": [
		{
			"code": 0,
			"id": "string",
			"message": "string"
		}
	],
	"meta": {
		"pagination": {
			"limit": 0,
			"offset": 0,
			"total": 0
		},
		"powered_by": "string",
		"query_time": 0,
		"trace_id": "string",
		"writes": {
			"resources_affected": 0
		}
	},
	"resources": [
		{
			"cid": "The customer id associated with the policy",
			"created_by": "The email of the user which created the policy",
			"created_timestamp": "The time at which the policy was created",
			"description": "The description of a policy. Use this field to provide a high level summary of what this policy enforces",
			"enabled": false,
			"groups": [
				{
					"assignment_rule": "The assignment rule of a group",
					"created_by": "The email of the user which created the policy",
					"created_timestamp": "The time at which the policy was created",
					"description": "An additional description of the group or the devices it targets",
					"group_type": "The method by which this host group is managed",
					"id": "The identifier of this host group",
					"modified_by": "The email of the user which last modified the policy",
					"modified_timestamp": "The time at which the policy was last modified",
					"name": "The name of the group"
				}
			],
			"id": "The unique id of the policy",
			"ioa_rule_groups": [
				{
					"comment": "string",
					"committed_timestamp": "The last attempted time CFS got this data on the rule group",
					"created_by": "The email of the user which created the rule group",
					"created_timestamp": "The time at which the policy was created",
					"customer_id": "string",
					"deleted": false,
					"description": "An additional description of the group or the rules it contains",
					"enabled": false,
					"id": "The identifier of this IOA rule group",
					"modified_by": "The email of the user which last modified the rule group",
					"modified_timestamp": "The time at which the policy was last modified",
					"name": "The name of the group",
					"platform": "string",
					"rule_ids": [
						"string"
					],
					"version": 0
				}
			],
			"modified_by": "The email of the user which last modified the policy",
			"modified_timestamp": "The time at which the policy was last modified",
			"name": "The human readable name of the policy",
			"platform_name": "The name of the platform",
			"prevention_settings": [
				{
					"name": "The name of the category",
					"settings": [
						{
							"description": "The human readable description of the setting",
							"id": "The id of the setting",
							"name": "The name of the setting",
							"type": "The type of the setting which can be used as a hint when displaying in the UI",
							"value": {}
						}
					]
				}
			]
		}
	]
}

Workflow Library Example

Get Prevention Policy with Crowdstrike and Send Results Via Email

Preview this Workflow on desktop