IOC Management: Read and Write.

IOCs (Indicators of Compromise): Read.
Parameter | Description |
---|---|
Device ID | Specify a device ID to return only processes from that device. |
Indicator Type | The type of the indicator. |
Return All Pages | Automatically fetch all resources, page by page. |
Value | The string representation of the indicator. It can be obtained by using Get Indicator Details. |

Parameter | Description |
---|---|
Limit | Number of processes to return in the response. |
Offset | The first process to return, where 0 is the latest offset. Use with the limit parameter to manage pagination of results. |
```json
{
  "meta": {
    "query_time": 0.10,
    "pagination": {
      "offset": "1364242733:397800512",
      "limit": 2,
      "next_page": "/indicators/queries/processes/v1?type=domain&value=example.com&device_id=2dd7xxxxxxxxfb3c2&offset=1364242733:397800512&limit=1"
    },
    "trace_id": "a4d3ba63-28e4-473e-9b6f-61dd0b8be4fe",
    "entity": "https://falconapi.crowdstrike.com/processes/entities/processes/v1{?ids*}"
  },
  "resources": [
    "pid:2dd7xxxxxxxxb3c2:298xxx772",
    "pid:2dd7xxxxxxxxb3c2:922xxx411"
  ],
  "errors": []
}
```
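The page-by-page fetch that Return All Pages describes can be reproduced by following `meta.pagination.offset` from each response, as in this added example (not code from the original page or from the vendor). `collect_process_ids`, `fake_fetch` and the sample pages are hypothetical and constructed; it assumes that a response without `next_page` is the last page.

```python
from typing import Callable, List, Optional

def collect_process_ids(fetch_page: Callable[[Optional[str], int], dict],
                        limit: int = 2, max_pages: int = 1000) -> List[str]:
    """Follow meta.pagination.offset page by page; return each process ID once."""
    process_ids: List[str] = []
    seen_offsets = set()
    offset: Optional[str] = None  # the first request carries no offset
    for _ in range(max_pages):
        page = fetch_page(offset, limit)
        if page.get("errors"):
            # Fail closed: a partial list would silently hide affected processes.
            raise RuntimeError(f"API returned errors: {page['errors']}")
        for pid in page.get("resources", []):
            if pid not in process_ids:
                process_ids.append(pid)
        pagination = page.get("meta", {}).get("pagination", {})
        next_offset = pagination.get("offset")
        # Assumption: no next_page (or no offset) means this was the last page.
        if not pagination.get("next_page") or not next_offset:
            return process_ids
        if next_offset in seen_offsets:
            raise RuntimeError(f"pagination loop: offset {next_offset!r} repeated")
        seen_offsets.add(next_offset)
        offset = next_offset
    raise RuntimeError("max_pages reached before the last page")

# Constructed sample pages shaped like the response above (all values made up).
SAMPLE_PAGES = {
    None: {
        "meta": {"pagination": {
            "offset": "tok-1", "limit": 2,
            "next_page": "/indicators/queries/processes/v1?offset=tok-1&limit=2"}},
        "resources": ["pid:dev:1", "pid:dev:2"],
        "errors": [],
    },
    "tok-1": {
        "meta": {"pagination": {"limit": 2}},
        "resources": ["pid:dev:3"],
        "errors": [],
    },
}

def fake_fetch(offset: Optional[str], limit: int) -> dict:
    """Hypothetical stand-in for the HTTP call; returns a constructed page."""
    return SAMPLE_PAGES[offset]

if __name__ == "__main__":
    print(collect_process_ids(fake_fetch))
```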