Query Submitted Samples - Blink Documentation

Query all analysis samples. One of the following subscriptions is required to execute this action:

Falcon Intelligence or Falcon Intelligence Premium.

External DocumentationTo learn more, visit the CrowdStrike documentation.

Basic Parameters

Parameter	Description
Filter	Filter the results by a FQL query.
Return All Pages	Automatically fetch all resources, page by page.

Advanced Parameters

Parameter	Description
Limit	The maximum records to return. Valid range is 0 - 5000.
Offset	Starting index of the overall result set.
Parameters	A JSON object describing the full query string parameters.
Sort	The property to sort the results on, followed by the sort direction. For example: `string.asc` or `string.desc`.

Example Output

{
	"csfalconx": {
		"resource": {
			"resources": [
				"20879a8064904ecfbb62c118a6a19411_5d620c1322444253ad2be284de3756fa",
				"20879a8064904ecfbb62c118a6a19411_a35034fa31074e609d9f6b971b78e49c",
				"20879a8064904ecfbb62c118a6a19411_944bce16178742c58beccd0e6eb1a000",
				"20879a8064904ecfbb62c118a6a19411_70a75d10dbc74cfdaeeba2661bc96f05",
				"20879a8064904ecfbb62c118a6a19411_f6552785fd2d4219bbca4f2bcda8db0f"
			]
		}
	}
}

Workflow Library Example

Query Submitted Samples with Crowdstrike and Send Results Via Email

Preview this Workflow on desktop

Integrations

​Basic Parameters

​Advanced Parameters

​Example Output

​Workflow Library Example

Basic Parameters

Advanced Parameters

Example Output

Workflow Library Example