Query all analysis samples.

One of the following subscriptions is required to execute this action:

  • Falcon Intelligence or Falcon Intelligence Premium.

External Documentation

To learn more, visit the CrowdStrike documentation.

Basic Parameters

ParameterDescription
FilterFilter the results by a FQL query.
Return All PagesAutomatically fetch all resources, page by page.

Advanced Parameters

ParameterDescription
LimitThe maximum records to return. Valid range is 0 - 5000.
OffsetStarting index of the overall result set.
ParametersA JSON object describing the full query string parameters.
SortThe property to sort the results on, followed by the sort direction. For example: string.asc or string.desc.

Example Output

{
	"csfalconx": {
		"resource": {
			"resources": [
				"20879a8064904ecfbb62c118a6a19411_5d620c1322444253ad2be284de3756fa",
				"20879a8064904ecfbb62c118a6a19411_a35034fa31074e609d9f6b971b78e49c",
				"20879a8064904ecfbb62c118a6a19411_944bce16178742c58beccd0e6eb1a000",
				"20879a8064904ecfbb62c118a6a19411_70a75d10dbc74cfdaeeba2661bc96f05",
				"20879a8064904ecfbb62c118a6a19411_f6552785fd2d4219bbca4f2bcda8db0f"
			]
		}
	}
}

Workflow Library Example

Query Submitted Samples with Crowdstrike and Send Results Via Email

Preview this Workflow on desktop

Was this page helpful?