Documentation Index
Fetch the complete documentation index at: https://docs.blinkops.com/llms.txt
Use this file to discover all available pages before exploring further.
Update one or more individual indicators by IOC ID.
Include only the fields that need to be updated. Omit fields that you want left unchanged.
The following permission is required to run this action:
IOC Management: Read and Write.
Parameters
| Parameter | Description |
|---|
| Comment | Leave a comment of the update in CrowdStrike. |
| Indicators Updated Objects | A list of indicator objects with the fields and new values to update in each indicator.
Include only the fields that need to be updated. Omit fields that you want left unchanged. |
Example Output
{
"errors": [
{
"code": 0,
"id": "string",
"message": "string"
}
],
"meta": {
"pagination": {
"after": "string",
"limit": 0,
"offset": 0,
"total": 0
},
"powered_by": "string",
"query_time": 0,
"trace_id": "string"
},
"resources": [
{
"action": "string",
"applied_globally": false,
"created_by": "string",
"created_on": "date-time",
"deleted": false,
"description": "string",
"expiration": "date-time",
"expired": false,
"from_parent": false,
"host_groups": [
"string"
],
"id": "string",
"metadata": {
"av_hits": 0,
"company_name": "string",
"file_description": "string",
"file_version": "string",
"filename": "string",
"original_filename": "string",
"product_name": "string",
"product_version": "string",
"signed": false
},
"mobile_action": "string",
"modified_by": "string",
"modified_on": "date-time",
"parent_cid_name": "string",
"platforms": [
"string"
],
"severity": "string",
"source": "string",
"tags": [
"string"
],
"type": "string",
"value": "string"
}
]
}
Workflow Library Example
Update Indicators with Crowdstrike and Send Results Via Email
