Query Adversary Reports - Blink Documentation

Basic Parameters
Advanced Parameters
Example Output
Workflow Library Example

Search and retrieve adversary intel reports. The following permissions are required to run this action:

Reports (Falcon Intelligence): Read.

External DocumentationTo learn more, visit the CrowdStrike documentation.

Basic Parameters

Parameter	Description
Fields	Specify which fields to return for each item. You can select individual fields (for example, `id`, `name` or `slug`), or use pre-defined field collections in the format `__collection__`. If no fields are specified, the default `__basic__` collection will be returned. Valid fields include: `id`, `name`, `slug`, `type`, `sub_type`, `url`, `short_description`, `description`, `rich_text_description`, `created_date`, `last_modified_date`, `image`, `thumbnail`, `attachments`, `actors`, `tags`, `target_industries`, `target_countries` and `motivations`.
Filter	Filter the results by a FQL query. For a complete list of filterable properties and syntax guidance, refer to the CrowdStrike API documentation.
Query	Search term that matches against all fields of all adversaries.
Return All Pages	Automatically fetch all resources, page by page.

Advanced Parameters

Parameter	Description
Limit	The number of results to return.
Offset	The offset to start retrieving records from.
Sort	Sort applications by their properties. The format of the sort criteria is: `field\|direction`. Direction can be either `asc` (ascending) or `desc` (descending) order.

Example Output

{
	"errors": [
		{
			"code": 0,
			"id": "string",
			"message": "string"
		}
	],
	"meta": {
		"pagination": {
			"limit": 0,
			"offset": 0,
			"total": 0
		},
		"powered_by": "string",
		"query_time": 0,
		"trace_id": "string",
		"writes": {
			"resources_affected": 0
		}
	},
	"resources": [
		{
			"active": false,
			"actors": [
				{
					"id": 0,
					"name": "string",
					"slug": "string",
					"thumbnail": {
						"height": 0,
						"url": "string",
						"width": 0
					},
					"url": "string"
				}
			],
			"attachments": [
				{
					"id": 0,
					"url": "string"
				}
			],
			"created_date": 0,
			"description": "string",
			"entitlements": [
				{
					"id": 0,
					"name": "string",
					"slug": "string",
					"value": "string"
				}
			],
			"id": 0,
			"image": {
				"height": 0,
				"url": "string",
				"width": 0
			},
			"last_modified_date": 0,
			"motivations": [
				{
					"id": 0,
					"name": "string",
					"slug": "string",
					"value": "string"
				}
			],
			"name": "string",
			"notify_users": false,
			"rich_text_description": "string",
			"short_description": "string",
			"slug": "string",
			"sub_type": {
				"id": 0,
				"name": "string",
				"slug": "string",
				"value": "string"
			},
			"tags": [
				{
					"id": 0,
					"name": "string",
					"slug": "string",
					"value": "string"
				}
			],
			"target_countries": [
				{
					"id": 0,
					"name": "string",
					"slug": "string",
					"value": "string"
				}
			],
			"target_industries": [
				{
					"id": 0,
					"name": "string",
					"slug": "string",
					"value": "string"
				}
			],
			"thumbnail": {
				"height": 0,
				"url": "string",
				"width": 0
			},
			"topic": {
				"id": 0,
				"name": "string",
				"slug": "string",
				"value": "string"
			},
			"type": {
				"id": 0,
				"name": "string",
				"slug": "string",
				"value": "string"
			},
			"url": "string"
		}
	]
}