CrowdStrike / psfalcon

PowerShell for CrowdStrike's OAuth2 APIs
The Unlicense

[ BUG ] `Start-FalconSession` with `-WarningVariable` returns null #247

Closed IsaacDawson closed 1 year ago

IsaacDawson commented 1 year ago

Describe the bug

Regarding Start-FalconSession, the -WarningVariable Common Parameter always seems to return empty for batch sessions, despite an expected result.

To Reproduce

1) Create a CSV file containing multiple Host IDs (aid), at least one of them must be offline/unreachable
2) Import the CSV into PowerShell, using $csv = Import-CSV -Path C:\Path\To\File.csv
3) Request a Falcon Token
4) Write Start-FalconSession -host_ids $csv -WarningVariable alert
5) Write $alert and you should get the same warning from step 4b, however the variable is null

Expected behavior

The alert variable should contain the warning produced by Start-FalconSession, however it is null

Environment (please complete the following information):

Additional context

Same issue applies when using a CSV of Host IDs or just using identifiers

Transcript content

**********************
Windows PowerShell transcript start
Start time: 20221020083145
Username: xxxx\I_Dawson
RunAs User: xxxx\I_Dawson
Configuration Name: 
Machine: xxxx (Microsoft Windows NT 10.0.22000.0)
Host Application: C:\WINDOWS\System32\WindowsPowerShell\v1.0\powershell.exe
Process ID: 16488
PSVersion: 5.1.22000.832
PSEdition: Desktop
PSCompatibleVersions: 1.0, 2.0, 3.0, 4.0, 5.0, 5.1.22000.832
BuildVersion: 10.0.22000.832
CLRVersion: 4.0.30319.42000
WSManStackVersion: 3.0
PSRemotingProtocolVersion: 2.3
SerializationVersion: 1.1.0.1
**********************
Transcript started, output file is C:\Users\I_Dawson\Documents\PowerShell_transcript.xxxx.shgEc4b7.20221020083145.txt
PS C:\Users\I_Dawson> Show-FalconModule

PSVersion      : Desktop [5.1.22000.832]
ModuleVersion  : v2.2.2 {d893eb9f-f6bb-4a40-9caf-aaff0e42acd1}
ModulePath     : C:\Users\I_Dawson\Documents\WindowsPowerShell\Modules\psfalcon\2.2.2
UserModulePath : C:\Users\I_Dawson\Documents\WindowsPowerShell\Modules;C:\Program
                 Files\WindowsPowerShell\Modules;C:\WINDOWS\system32\WindowsPowerShell\v1.0\Modules
UserHome       : C:\Users\I_Dawson
UserAgent      : crowdstrike-psfalcon/2.2.2

PS C:\Users\I_Dawson> $csv = (Import-Csv -Path C:\Users\I_Dawson\Downloads\Book1.csv).'Host'
PS C:\Users\I_Dawson> $csv
281eb4f5d66342d387f6e604f7d4fb6c
27d4d1a89c4a42a284528da91852b88b
PS C:\Users\I_Dawson> Start-FalconSession -host_ids $csv -WarningVariable alert
VERBOSE: [ApiClient.Invoke] POST https://api.eu-1.crowdstrike.com/real-time-response/combined/batch-init-session/v1
VERBOSE: [ApiClient.Invoke] ContentType=application/json, Accept=application/json
VERBOSE: [ApiClient.Invoke] {"host_ids":["281eb4f5d66342d387f6e604f7d4fb6c","27d4d1a89c4a42a284528da91852b88b"]}
VERBOSE: [ApiClient.Invoke] 201: Created
VERBOSE: [ApiClient.Invoke] Connection=keep-alive, Strict-Transport-Security=max-age=15724800; includeSubDomains, max-age=31536000; includeSubDomains, X-Cs-Region=eu-1, X-Cs-Traceid=bd2996d2-9c36-4acf-a5d9-44d95ddf48dd, X-Ratelimit-Limit=6000, X-Ratelimit-Remaining=5999, Date=Thu, 20 Oct 2022 07:32:49 GMT, Server=nginx
VERBOSE: [Write-Result] meta.query_time=1.225811639, meta.trace_id=bd2996d2-9c36-4acf-a5d9-44d95ddf48dd, meta.powered_by=empower-api
WARNING: [Start-FalconSession] 40401: Could not establish sensor comms [aid: 27d4d1a89c4a42a284528da91852b88b]

batch_id                             hosts
--------                             -----
a63296c2-be0e-4393-b5c6-4866ed89a7e1 {@{session_id=; complete=False; stdout=; stderr=; aid=27d4d1a89c4a42a284528da91...

PS C:\Users\I_Dawson> $alert
PS C:\Users\I_Dawson> Stop-Transcript
**********************
Windows PowerShell transcript end
End time: 20221020083257
**********************

bk-cs commented 1 year ago

It appears that Write-Warning does not output messages to WarningVariable. For the next release, I've updated all instances where it was used to use the $PSCmdlet.WriteWarning() method instead.
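
The two warning patterns named in the comment above can be compared on any PowerShell version with a throwaway module. This is an added example, not PSFalcon code; the module name, function names and host ID are constructed for illustration. It reports what each pattern delivers to `-WarningVariable` and then turns captured warnings into a list of hosts that did not get a session, so a script does not treat the whole batch as reached.

```powershell
# Added example. Module name, function names and the host ID are constructed;
# none of this is PSFalcon code.
$demo = New-Module -Name WarningVariableDemo -ScriptBlock {
    function Test-WriteWarningCmdlet {
        [CmdletBinding()]
        param([string[]]$HostId)
        foreach ($id in $HostId) {
            # Pattern reported in this issue as not reaching -WarningVariable
            Write-Warning "40401: Could not establish sensor comms [aid: $id]"
        }
    }
    function Test-PSCmdletMethod {
        [CmdletBinding()]
        param([string[]]$HostId)
        foreach ($id in $HostId) {
            # Pattern the maintainer describes switching to
            $PSCmdlet.WriteWarning("40401: Could not establish sensor comms [aid: $id]")
        }
    }
    Export-ModuleMember -Function Test-WriteWarningCmdlet, Test-PSCmdletMethod
} | Import-Module -PassThru

$ids = @('00000000000000000000000000000001')   # constructed placeholder aid

Test-WriteWarningCmdlet -HostId $ids -WarningVariable viaCmdlet
Test-PSCmdletMethod     -HostId $ids -WarningVariable viaMethod

# Report what each pattern delivered to the caller on this PowerShell version
[pscustomobject]@{
    PSVersion              = $PSVersionTable.PSVersion.ToString()
    WriteWarningCaptured   = $viaCmdlet.Count
    PSCmdletMethodCaptured = $viaMethod.Count
}

# Turn captured warnings into a list of hosts that never got a session,
# so later steps do not assume the whole batch was reached.
$unreached = foreach ($w in $viaMethod) {
    if ($w.Message -match '\[aid: (?<aid>[0-9a-f]{32})\]') { $Matches['aid'] }
}
if ($unreached) { "Hosts without a session: $($unreached -join ', ')" }

Remove-Module -ModuleInfo $demo
```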

bk-cs commented 1 year ago

Resolved in v2.2.3 release.