Actions
List Alerts
Gets a list of Alert IDs.
External Documentation
To learn more, visit the CrowdStrike documentation.
Basic Parameters
Parameter | Description |
---|---|
Filter | Filter the results based on FQL queries guidelines.Usage examples: - Return only Endpoint Protection alert IDs: product:'epp' - Return only Identity Protection alert IDs: product:'idp' - Return only Falcon for Mobile alert IDs: product:'mobile' - Return only Falcon XDR IDs: product:'xdr' - Return only OverWatch alert IDs: product:'overwatch' - Return only Cloud Workload Protection alert IDs: product:'cwpp' |
Include Hidden | Determines whether hidden alerts will be included in the results. |
Query | Search all alert metadata for the provided string. |
Return All Pages | Automatically fetch all resources, page by page. |
Advanced Parameters
Parameter | Description |
---|---|
Limit | The maximum number of records to return. [1-5000]. Default value: 100. |
Offset | The zero-based position of the first record to return. Default value: 0. |
Sort | Sort the results based on a field.The format of the sort criteria is: field|direction . Direction can be either asc (ascending) or desc (descending) order.For example: status|asc . |
Example Output
Workflow Library Example
List Alerts with Crowdstrike and Send Results Via Email
Preview this Workflow on desktop
Was this page helpful?