Perform an action on selected sensor update policies.

Note: Verify operation success by checking the response body. If the resources property is empty, the action failed. This typically indicates invalid parameters.

The following permissions are required to run this action:

  • Sensor update policies: Read and Write.
  • Host groups: Read.

External Documentation

To learn more, visit the CrowdStrike documentation.

Parameters

ParameterDescription
Action To PerformSelect the required action to perform on the specified sensor update policies.
Group IDThe unique identifier of the group to perform the action with.
IDsA comma-separated list of sensor update policies identifiers to perform this action on.

Example Output

{
	"errors": [
		{
			"code": 0,
			"id": "string",
			"message": "string"
		}
	],
	"meta": {
		"pagination": {
			"limit": 0,
			"offset": 0,
			"total": 0
		},
		"powered_by": "string",
		"query_time": 0,
		"trace_id": "string",
		"writes": {
			"resources_affected": 0
		}
	},
	"resources": [
		{
			"created_by": "The email of the user which created the policy",
			"created_timestamp": "The time at which the policy was created",
			"description": "The description of a policy. Use this field to provide a high level summary of what this policy enforces",
			"enabled": false,
			"groups": [
				{
					"assignment_rule": "The assignment rule of a group",
					"created_by": "The email of the user which created the policy",
					"created_timestamp": "The time at which the policy was created",
					"description": "An additional description of the group or the devices it targets",
					"group_type": "The method by which this host group is managed",
					"id": "The identifier of this host group",
					"modified_by": "The email of the user which last modified the policy",
					"modified_timestamp": "The time at which the policy was last modified",
					"name": "The name of the group"
				}
			],
			"id": "The unique id of the policy",
			"modified_by": "The email of the user which last modified the policy",
			"modified_timestamp": "The time at which the policy was last modified",
			"name": "The human readable name of the policy",
			"platform_name": "The name of the platform",
			"settings": {
				"build": "string"
			}
		}
	]
}

Workflow Library Example

Perform Sensor Update Policies Action with Crowdstrike and Send Results Via Email

Preview this Workflow on desktop