CrowdStrike / ansible_collection_falcon

Comprehensive toolkit for streamlining your interactions with the CrowdStrike Falcon platform.
https://galaxy.ansible.com/ui/repo/published/crowdstrike/falcon/
GNU General Public License v3.0

update sensor_download module to use new v2 endpoint #488

Closed carlosmmatos closed 3 months ago

carlosmmatos commented 5 months ago

Falcon now has a V2 endpoint to query combined sensor installers.

As this was added in FalconPy 1.4.2, to maintain backwards compatibility with FalconPy 1.3.0+ we will need to take advantage of the override functionality to pass in the new API endpoint.

Example:

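```python
from falconpy import SensorDownload

sensor = SensorDownload()
# Call the v2 route directly via override; the filter is FQL (platform + architecture).
results = sensor.override(
    "GET",
    "/sensors/combined/installers/v2",
    parameters={'filter': "platform:'linux'+architectures:'s390x'", 'limit': 5},
)
```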

The above overrides the SensorDownload SC and specifies the new parameters needed for v2. The main driver behind doing this is that V2 now allows us to query for architectures!!! 💯
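An added example, not code from the issue author or the collection: one way a module could build the v2 filter from user-supplied `platform` and `architectures` values and send it through `override`. The helper names, the conservative character allow-list, and the `StubClient` (a constructed offline stand-in for `SensorDownload`) are assumptions.

```python
import re

V2_ROUTE = "/sensors/combined/installers/v2"  # endpoint named in the issue
_SAFE = re.compile(r"[A-Za-z0-9_.-]+")  # assumption: conservative charset for FQL values


def build_filter(platform, architectures=None):
    """Build an FQL filter such as platform:'linux'+architectures:'s390x'."""
    terms = {"platform": platform}
    if architectures:
        terms["architectures"] = architectures
    for key, value in terms.items():
        # Reject quotes, '+' and ',' so a value cannot add or alter filter terms.
        if not _SAFE.fullmatch(value):
            raise ValueError(f"unsafe {key} value: {value!r}")
    return "+".join(f"{k}:'{v}'" for k, v in terms.items())


def query_installers_v2(client, platform, architectures=None, limit=5):
    """Query the v2 endpoint through the service class's override method."""
    params = {"filter": build_filter(platform, architectures), "limit": limit}
    response = client.override("GET", V2_ROUTE, parameters=params)
    body = response.get("body", {})
    if response.get("status_code") != 200 or body.get("errors"):
        raise RuntimeError(f"v2 query failed: {body.get('errors')}")
    return body.get("resources", [])


class StubClient:
    """Constructed stand-in for falconpy.SensorDownload so the example runs offline."""

    def __init__(self):
        self.calls = []

    def override(self, method, route, parameters=None):
        self.calls.append((method, route, parameters))
        # Constructed sample response in FalconPy's status_code/body shape.
        return {"status_code": 200,
                "body": {"errors": [], "resources": [{"name": "constructed-installer"}]}}


if __name__ == "__main__":
    stub = StubClient()
    print(query_installers_v2(stub, "linux", "s390x"))
    print(stub.calls[0][2]["filter"])
```

In real use, pass an authenticated `SensorDownload` instance in place of `StubClient`.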