PRTG-CrowdStrike.PS1
About The Project
Project Owner: Jannos-443
PRTG Powershell Script to monitor CrowdStrike
Free and open source: MIT License
Getting Started
-
Log into CrowdStrike
-
add new API/Token
-
permission: devices:read, incidents:read, detects:read and quarantine:read
-
-
Make sure the FalconPS Powershell Module exists on the Probe and is up to date
-
Create new Sensor
Settings Value EXE/Script Advanced PRTG-CrowdStrike.ps1 Parameters -ClientId "YourCrowdStrikeAPIClientID" -ClientSecret "YourCrowdStrikeAPIClientSecret" Scanning Interval 30 minutes
Default API CloudUrl is "https://api.eu-1.crowdstrike.com" use -CloudUrl to change it to your Cloud
Usage
PRTG-CrowdStrike.ps1 -ClientId "YourCrowdStrikeAPIClientID" -ClientSecret "YourCrowdStrikeAPIClientSecret" -CloudUrl "https://api.eu-1.crowdstrike.com"
