crowdstrike-falconpy-dev 1.4.1__tar.gz → 1.4.2__tar.gz
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- {crowdstrike-falconpy-dev-1.4.1 → crowdstrike-falconpy-dev-1.4.2}/AUTHORS.md +6 -2
- {crowdstrike-falconpy-dev-1.4.1/src/crowdstrike_falconpy_dev.egg-info → crowdstrike-falconpy-dev-1.4.2}/PKG-INFO +3 -2
- {crowdstrike-falconpy-dev-1.4.1 → crowdstrike-falconpy-dev-1.4.2}/README.md +2 -1
- {crowdstrike-falconpy-dev-1.4.1 → crowdstrike-falconpy-dev-1.4.2/src/crowdstrike_falconpy_dev.egg-info}/PKG-INFO +3 -2
- {crowdstrike-falconpy-dev-1.4.1 → crowdstrike-falconpy-dev-1.4.2}/src/falconpydev/_auth_object/_falcon_interface.py +24 -7
- {crowdstrike-falconpy-dev-1.4.1 → crowdstrike-falconpy-dev-1.4.2}/src/falconpydev/_auth_object/_uber_interface.py +4 -2
- {crowdstrike-falconpy-dev-1.4.1 → crowdstrike-falconpy-dev-1.4.2}/src/falconpydev/_endpoint/_alerts.py +2 -1
- crowdstrike-falconpy-dev-1.4.2/src/falconpydev/_endpoint/_cloud_snapshots.py +164 -0
- {crowdstrike-falconpy-dev-1.4.1 → crowdstrike-falconpy-dev-1.4.2}/src/falconpydev/_endpoint/_container_detections.py +36 -0
- {crowdstrike-falconpy-dev-1.4.1 → crowdstrike-falconpy-dev-1.4.2}/src/falconpydev/_endpoint/_container_images.py +3 -2
- {crowdstrike-falconpy-dev-1.4.1 → crowdstrike-falconpy-dev-1.4.2}/src/falconpydev/_endpoint/_cspm_registration.py +49 -2
- {crowdstrike-falconpy-dev-1.4.1 → crowdstrike-falconpy-dev-1.4.2}/src/falconpydev/_endpoint/_discover.py +48 -0
- {crowdstrike-falconpy-dev-1.4.1 → crowdstrike-falconpy-dev-1.4.2}/src/falconpydev/_endpoint/_falcon_complete_dashboard.py +14 -0
- {crowdstrike-falconpy-dev-1.4.1 → crowdstrike-falconpy-dev-1.4.2}/src/falconpydev/_endpoint/_filevantage.py +1 -1
- {crowdstrike-falconpy-dev-1.4.1 → crowdstrike-falconpy-dev-1.4.2}/src/falconpydev/_endpoint/_foundry_logscale.py +94 -1
- {crowdstrike-falconpy-dev-1.4.1 → crowdstrike-falconpy-dev-1.4.2}/src/falconpydev/_endpoint/_intel.py +79 -0
- {crowdstrike-falconpy-dev-1.4.1 → crowdstrike-falconpy-dev-1.4.2}/src/falconpydev/_endpoint/_iocs.py +42 -44
- {crowdstrike-falconpy-dev-1.4.1 → crowdstrike-falconpy-dev-1.4.2}/src/falconpydev/_endpoint/_kubernetes_protection.py +5 -5
- {crowdstrike-falconpy-dev-1.4.1 → crowdstrike-falconpy-dev-1.4.2}/src/falconpydev/_endpoint/_real_time_response.py +30 -28
- {crowdstrike-falconpy-dev-1.4.1 → crowdstrike-falconpy-dev-1.4.2}/src/falconpydev/_endpoint/_real_time_response_admin.py +21 -20
- {crowdstrike-falconpy-dev-1.4.1 → crowdstrike-falconpy-dev-1.4.2}/src/falconpydev/_endpoint/_sensor_download.py +112 -0
- {crowdstrike-falconpy-dev-1.4.1 → crowdstrike-falconpy-dev-1.4.2}/src/falconpydev/_endpoint/_workflows.py +125 -7
- {crowdstrike-falconpy-dev-1.4.1 → crowdstrike-falconpy-dev-1.4.2}/src/falconpydev/_endpoint/deprecated/_discover.py +48 -0
- {crowdstrike-falconpy-dev-1.4.1 → crowdstrike-falconpy-dev-1.4.2}/src/falconpydev/_endpoint/deprecated/_real_time_response.py +17 -15
- {crowdstrike-falconpy-dev-1.4.1 → crowdstrike-falconpy-dev-1.4.2}/src/falconpydev/_endpoint/deprecated/_real_time_response_admin.py +10 -9
- {crowdstrike-falconpy-dev-1.4.1 → crowdstrike-falconpy-dev-1.4.2}/src/falconpydev/_payload/__init__.py +15 -5
- {crowdstrike-falconpy-dev-1.4.1 → crowdstrike-falconpy-dev-1.4.2}/src/falconpydev/_payload/_cloud_snapshots.py +17 -60
- {crowdstrike-falconpy-dev-1.4.1 → crowdstrike-falconpy-dev-1.4.2}/src/falconpydev/_payload/_cspm_registration.py +44 -0
- {crowdstrike-falconpy-dev-1.4.1 → crowdstrike-falconpy-dev-1.4.2}/src/falconpydev/_payload/_workflows.py +20 -0
- {crowdstrike-falconpy-dev-1.4.1 → crowdstrike-falconpy-dev-1.4.2}/src/falconpydev/_util/_functions.py +5 -0
- {crowdstrike-falconpy-dev-1.4.1 → crowdstrike-falconpy-dev-1.4.2}/src/falconpydev/_version.py +1 -1
- {crowdstrike-falconpy-dev-1.4.1 → crowdstrike-falconpy-dev-1.4.2}/src/falconpydev/alerts.py +28 -8
- {crowdstrike-falconpy-dev-1.4.1 → crowdstrike-falconpy-dev-1.4.2}/src/falconpydev/cloud_snapshots.py +132 -69
- {crowdstrike-falconpy-dev-1.4.1 → crowdstrike-falconpy-dev-1.4.2}/src/falconpydev/container_detections.py +46 -0
- {crowdstrike-falconpy-dev-1.4.1 → crowdstrike-falconpy-dev-1.4.2}/src/falconpydev/container_images.py +1 -1
- {crowdstrike-falconpy-dev-1.4.1 → crowdstrike-falconpy-dev-1.4.2}/src/falconpydev/cspm_registration.py +124 -1
- {crowdstrike-falconpy-dev-1.4.1 → crowdstrike-falconpy-dev-1.4.2}/src/falconpydev/discover.py +71 -0
- {crowdstrike-falconpy-dev-1.4.1 → crowdstrike-falconpy-dev-1.4.2}/src/falconpydev/falcon_complete_dashboard.py +87 -0
- {crowdstrike-falconpy-dev-1.4.1 → crowdstrike-falconpy-dev-1.4.2}/src/falconpydev/filevantage.py +1 -0
- {crowdstrike-falconpy-dev-1.4.1 → crowdstrike-falconpy-dev-1.4.2}/src/falconpydev/foundry_logscale.py +67 -1
- {crowdstrike-falconpy-dev-1.4.1 → crowdstrike-falconpy-dev-1.4.2}/src/falconpydev/intel.py +94 -0
- {crowdstrike-falconpy-dev-1.4.1 → crowdstrike-falconpy-dev-1.4.2}/src/falconpydev/kubernetes_protection.py +4 -4
- {crowdstrike-falconpy-dev-1.4.1 → crowdstrike-falconpy-dev-1.4.2}/src/falconpydev/oauth2.py +4 -2
- {crowdstrike-falconpy-dev-1.4.1 → crowdstrike-falconpy-dev-1.4.2}/src/falconpydev/sample_uploads.py +5 -0
- {crowdstrike-falconpy-dev-1.4.1 → crowdstrike-falconpy-dev-1.4.2}/src/falconpydev/sensor_download.py +144 -0
- {crowdstrike-falconpy-dev-1.4.1 → crowdstrike-falconpy-dev-1.4.2}/src/falconpydev/workflows.py +77 -23
- {crowdstrike-falconpy-dev-1.4.1 → crowdstrike-falconpy-dev-1.4.2}/tests/test_authentications.py +30 -16
- {crowdstrike-falconpy-dev-1.4.1 → crowdstrike-falconpy-dev-1.4.2}/tests/test_cloud_connect_aws.py +16 -0
- {crowdstrike-falconpy-dev-1.4.1 → crowdstrike-falconpy-dev-1.4.2}/tests/test_cloud_snapshots.py +4 -4
- {crowdstrike-falconpy-dev-1.4.1 → crowdstrike-falconpy-dev-1.4.2}/tests/test_container_detections.py +1 -0
- {crowdstrike-falconpy-dev-1.4.1 → crowdstrike-falconpy-dev-1.4.2}/tests/test_cspm_registration.py +5 -1
- {crowdstrike-falconpy-dev-1.4.1 → crowdstrike-falconpy-dev-1.4.2}/tests/test_discover.py +1 -0
- {crowdstrike-falconpy-dev-1.4.1 → crowdstrike-falconpy-dev-1.4.2}/tests/test_falcon_complete_dashboard.py +1 -0
- {crowdstrike-falconpy-dev-1.4.1 → crowdstrike-falconpy-dev-1.4.2}/tests/test_foundry_logscale.py +2 -0
- {crowdstrike-falconpy-dev-1.4.1 → crowdstrike-falconpy-dev-1.4.2}/tests/test_intel.py +5 -1
- {crowdstrike-falconpy-dev-1.4.1 → crowdstrike-falconpy-dev-1.4.2}/tests/test_result_object.py +5 -1
- {crowdstrike-falconpy-dev-1.4.1 → crowdstrike-falconpy-dev-1.4.2}/tests/test_sample_uploads.py +2 -2
- {crowdstrike-falconpy-dev-1.4.1 → crowdstrike-falconpy-dev-1.4.2}/tests/test_sensor_download.py +43 -9
- {crowdstrike-falconpy-dev-1.4.1 → crowdstrike-falconpy-dev-1.4.2}/tests/test_uber.py +16 -16
- {crowdstrike-falconpy-dev-1.4.1 → crowdstrike-falconpy-dev-1.4.2}/tests/test_uber_api_complete.py +16 -16
- {crowdstrike-falconpy-dev-1.4.1 → crowdstrike-falconpy-dev-1.4.2}/tests/test_workflows.py +2 -1
- crowdstrike-falconpy-dev-1.4.1/src/falconpydev/_endpoint/_cloud_snapshots.py +0 -76
- {crowdstrike-falconpy-dev-1.4.1 → crowdstrike-falconpy-dev-1.4.2}/LICENSE +0 -0
- {crowdstrike-falconpy-dev-1.4.1 → crowdstrike-falconpy-dev-1.4.2}/dev_setup.py +0 -0
- {crowdstrike-falconpy-dev-1.4.1 → crowdstrike-falconpy-dev-1.4.2}/setup.cfg +0 -0
- {crowdstrike-falconpy-dev-1.4.1 → crowdstrike-falconpy-dev-1.4.2}/setup.py +0 -0
- {crowdstrike-falconpy-dev-1.4.1 → crowdstrike-falconpy-dev-1.4.2}/src/crowdstrike_falconpy_dev.egg-info/SOURCES.txt +0 -0
- {crowdstrike-falconpy-dev-1.4.1 → crowdstrike-falconpy-dev-1.4.2}/src/crowdstrike_falconpy_dev.egg-info/dependency_links.txt +0 -0
- {crowdstrike-falconpy-dev-1.4.1 → crowdstrike-falconpy-dev-1.4.2}/src/crowdstrike_falconpy_dev.egg-info/requires.txt +0 -0
- {crowdstrike-falconpy-dev-1.4.1 → crowdstrike-falconpy-dev-1.4.2}/src/crowdstrike_falconpy_dev.egg-info/top_level.txt +0 -0
- {crowdstrike-falconpy-dev-1.4.1 → crowdstrike-falconpy-dev-1.4.2}/src/falconpydev/__init__.py +0 -0
- {crowdstrike-falconpy-dev-1.4.1 → crowdstrike-falconpy-dev-1.4.2}/src/falconpydev/_api_request/__init__.py +0 -0
- {crowdstrike-falconpy-dev-1.4.1 → crowdstrike-falconpy-dev-1.4.2}/src/falconpydev/_api_request/_request.py +0 -0
- {crowdstrike-falconpy-dev-1.4.1 → crowdstrike-falconpy-dev-1.4.2}/src/falconpydev/_api_request/_request_behavior.py +0 -0
- {crowdstrike-falconpy-dev-1.4.1 → crowdstrike-falconpy-dev-1.4.2}/src/falconpydev/_api_request/_request_connection.py +0 -0
- {crowdstrike-falconpy-dev-1.4.1 → crowdstrike-falconpy-dev-1.4.2}/src/falconpydev/_api_request/_request_meta.py +0 -0
- {crowdstrike-falconpy-dev-1.4.1 → crowdstrike-falconpy-dev-1.4.2}/src/falconpydev/_api_request/_request_payloads.py +0 -0
- {crowdstrike-falconpy-dev-1.4.1 → crowdstrike-falconpy-dev-1.4.2}/src/falconpydev/_api_request/_request_validator.py +0 -0
- {crowdstrike-falconpy-dev-1.4.1 → crowdstrike-falconpy-dev-1.4.2}/src/falconpydev/_auth_object/__init__.py +0 -0
- {crowdstrike-falconpy-dev-1.4.1 → crowdstrike-falconpy-dev-1.4.2}/src/falconpydev/_auth_object/_base_falcon_auth.py +0 -0
- {crowdstrike-falconpy-dev-1.4.1 → crowdstrike-falconpy-dev-1.4.2}/src/falconpydev/_auth_object/_bearer_token.py +0 -0
- {crowdstrike-falconpy-dev-1.4.1 → crowdstrike-falconpy-dev-1.4.2}/src/falconpydev/_auth_object/_interface_config.py +0 -0
- {crowdstrike-falconpy-dev-1.4.1 → crowdstrike-falconpy-dev-1.4.2}/src/falconpydev/_constant/__init__.py +0 -0
- {crowdstrike-falconpy-dev-1.4.1 → crowdstrike-falconpy-dev-1.4.2}/src/falconpydev/_endpoint/__init__.py +0 -0
- {crowdstrike-falconpy-dev-1.4.1 → crowdstrike-falconpy-dev-1.4.2}/src/falconpydev/_endpoint/_cloud_connect_aws.py +0 -0
- {crowdstrike-falconpy-dev-1.4.1 → crowdstrike-falconpy-dev-1.4.2}/src/falconpydev/_endpoint/_configuration_assessment.py +0 -0
- {crowdstrike-falconpy-dev-1.4.1 → crowdstrike-falconpy-dev-1.4.2}/src/falconpydev/_endpoint/_configuration_assessment_evaluation_logic.py +0 -0
- {crowdstrike-falconpy-dev-1.4.1 → crowdstrike-falconpy-dev-1.4.2}/src/falconpydev/_endpoint/_container_alerts.py +0 -0
- {crowdstrike-falconpy-dev-1.4.1 → crowdstrike-falconpy-dev-1.4.2}/src/falconpydev/_endpoint/_container_packages.py +0 -0
- {crowdstrike-falconpy-dev-1.4.1 → crowdstrike-falconpy-dev-1.4.2}/src/falconpydev/_endpoint/_container_vulnerabilities.py +0 -0
- {crowdstrike-falconpy-dev-1.4.1 → crowdstrike-falconpy-dev-1.4.2}/src/falconpydev/_endpoint/_custom_ioa.py +0 -0
- {crowdstrike-falconpy-dev-1.4.1 → crowdstrike-falconpy-dev-1.4.2}/src/falconpydev/_endpoint/_custom_storage.py +0 -0
- {crowdstrike-falconpy-dev-1.4.1 → crowdstrike-falconpy-dev-1.4.2}/src/falconpydev/_endpoint/_d4c_registration.py +0 -0
- {crowdstrike-falconpy-dev-1.4.1 → crowdstrike-falconpy-dev-1.4.2}/src/falconpydev/_endpoint/_detects.py +0 -0
- {crowdstrike-falconpy-dev-1.4.1 → crowdstrike-falconpy-dev-1.4.2}/src/falconpydev/_endpoint/_device_control_policies.py +0 -0
- {crowdstrike-falconpy-dev-1.4.1 → crowdstrike-falconpy-dev-1.4.2}/src/falconpydev/_endpoint/_drift_indicators.py +0 -0
- {crowdstrike-falconpy-dev-1.4.1 → crowdstrike-falconpy-dev-1.4.2}/src/falconpydev/_endpoint/_event_streams.py +0 -0
- {crowdstrike-falconpy-dev-1.4.1 → crowdstrike-falconpy-dev-1.4.2}/src/falconpydev/_endpoint/_falcon_container.py +0 -0
- {crowdstrike-falconpy-dev-1.4.1 → crowdstrike-falconpy-dev-1.4.2}/src/falconpydev/_endpoint/_falconx_sandbox.py +0 -0
- {crowdstrike-falconpy-dev-1.4.1 → crowdstrike-falconpy-dev-1.4.2}/src/falconpydev/_endpoint/_fdr.py +0 -0
- {crowdstrike-falconpy-dev-1.4.1 → crowdstrike-falconpy-dev-1.4.2}/src/falconpydev/_endpoint/_firewall_management.py +0 -0
- {crowdstrike-falconpy-dev-1.4.1 → crowdstrike-falconpy-dev-1.4.2}/src/falconpydev/_endpoint/_firewall_policies.py +0 -0
- {crowdstrike-falconpy-dev-1.4.1 → crowdstrike-falconpy-dev-1.4.2}/src/falconpydev/_endpoint/_host_group.py +0 -0
- {crowdstrike-falconpy-dev-1.4.1 → crowdstrike-falconpy-dev-1.4.2}/src/falconpydev/_endpoint/_hosts.py +0 -0
- {crowdstrike-falconpy-dev-1.4.1 → crowdstrike-falconpy-dev-1.4.2}/src/falconpydev/_endpoint/_identity_protection.py +0 -0
- {crowdstrike-falconpy-dev-1.4.1 → crowdstrike-falconpy-dev-1.4.2}/src/falconpydev/_endpoint/_image_assessment_policies.py +0 -0
- {crowdstrike-falconpy-dev-1.4.1 → crowdstrike-falconpy-dev-1.4.2}/src/falconpydev/_endpoint/_incidents.py +0 -0
- {crowdstrike-falconpy-dev-1.4.1 → crowdstrike-falconpy-dev-1.4.2}/src/falconpydev/_endpoint/_installation_tokens.py +0 -0
- {crowdstrike-falconpy-dev-1.4.1 → crowdstrike-falconpy-dev-1.4.2}/src/falconpydev/_endpoint/_ioa_exclusions.py +0 -0
- {crowdstrike-falconpy-dev-1.4.1 → crowdstrike-falconpy-dev-1.4.2}/src/falconpydev/_endpoint/_ioc.py +0 -0
- {crowdstrike-falconpy-dev-1.4.1 → crowdstrike-falconpy-dev-1.4.2}/src/falconpydev/_endpoint/_malquery.py +0 -0
- {crowdstrike-falconpy-dev-1.4.1 → crowdstrike-falconpy-dev-1.4.2}/src/falconpydev/_endpoint/_message_center.py +0 -0
- {crowdstrike-falconpy-dev-1.4.1 → crowdstrike-falconpy-dev-1.4.2}/src/falconpydev/_endpoint/_ml_exclusions.py +0 -0
- {crowdstrike-falconpy-dev-1.4.1 → crowdstrike-falconpy-dev-1.4.2}/src/falconpydev/_endpoint/_mobile_enrollment.py +0 -0
- {crowdstrike-falconpy-dev-1.4.1 → crowdstrike-falconpy-dev-1.4.2}/src/falconpydev/_endpoint/_mssp.py +0 -0
- {crowdstrike-falconpy-dev-1.4.1 → crowdstrike-falconpy-dev-1.4.2}/src/falconpydev/_endpoint/_oauth2.py +0 -0
- {crowdstrike-falconpy-dev-1.4.1 → crowdstrike-falconpy-dev-1.4.2}/src/falconpydev/_endpoint/_ods.py +0 -0
- {crowdstrike-falconpy-dev-1.4.1 → crowdstrike-falconpy-dev-1.4.2}/src/falconpydev/_endpoint/_overwatch_dashboard.py +0 -0
- {crowdstrike-falconpy-dev-1.4.1 → crowdstrike-falconpy-dev-1.4.2}/src/falconpydev/_endpoint/_prevention_policies.py +0 -0
- {crowdstrike-falconpy-dev-1.4.1 → crowdstrike-falconpy-dev-1.4.2}/src/falconpydev/_endpoint/_quarantine.py +0 -0
- {crowdstrike-falconpy-dev-1.4.1 → crowdstrike-falconpy-dev-1.4.2}/src/falconpydev/_endpoint/_quick_scan.py +0 -0
- {crowdstrike-falconpy-dev-1.4.1 → crowdstrike-falconpy-dev-1.4.2}/src/falconpydev/_endpoint/_real_time_response_audit.py +0 -0
- {crowdstrike-falconpy-dev-1.4.1 → crowdstrike-falconpy-dev-1.4.2}/src/falconpydev/_endpoint/_recon.py +0 -0
- {crowdstrike-falconpy-dev-1.4.1 → crowdstrike-falconpy-dev-1.4.2}/src/falconpydev/_endpoint/_report_executions.py +0 -0
- {crowdstrike-falconpy-dev-1.4.1 → crowdstrike-falconpy-dev-1.4.2}/src/falconpydev/_endpoint/_response_policies.py +0 -0
- {crowdstrike-falconpy-dev-1.4.1 → crowdstrike-falconpy-dev-1.4.2}/src/falconpydev/_endpoint/_sample_uploads.py +0 -0
- {crowdstrike-falconpy-dev-1.4.1 → crowdstrike-falconpy-dev-1.4.2}/src/falconpydev/_endpoint/_scheduled_reports.py +0 -0
- {crowdstrike-falconpy-dev-1.4.1 → crowdstrike-falconpy-dev-1.4.2}/src/falconpydev/_endpoint/_sensor_update_policies.py +0 -0
- {crowdstrike-falconpy-dev-1.4.1 → crowdstrike-falconpy-dev-1.4.2}/src/falconpydev/_endpoint/_sensor_visibility_exclusions.py +0 -0
- {crowdstrike-falconpy-dev-1.4.1 → crowdstrike-falconpy-dev-1.4.2}/src/falconpydev/_endpoint/_spotlight_evaluation_logic.py +0 -0
- {crowdstrike-falconpy-dev-1.4.1 → crowdstrike-falconpy-dev-1.4.2}/src/falconpydev/_endpoint/_spotlight_vulnerabilities.py +0 -0
- {crowdstrike-falconpy-dev-1.4.1 → crowdstrike-falconpy-dev-1.4.2}/src/falconpydev/_endpoint/_tailored_intelligence.py +0 -0
- {crowdstrike-falconpy-dev-1.4.1 → crowdstrike-falconpy-dev-1.4.2}/src/falconpydev/_endpoint/_unidentified_containers.py +0 -0
- {crowdstrike-falconpy-dev-1.4.1 → crowdstrike-falconpy-dev-1.4.2}/src/falconpydev/_endpoint/_user_management.py +0 -0
- {crowdstrike-falconpy-dev-1.4.1 → crowdstrike-falconpy-dev-1.4.2}/src/falconpydev/_endpoint/_zero_trust_assessment.py +0 -0
- {crowdstrike-falconpy-dev-1.4.1 → crowdstrike-falconpy-dev-1.4.2}/src/falconpydev/_endpoint/deprecated/__init__.py +0 -0
- {crowdstrike-falconpy-dev-1.4.1 → crowdstrike-falconpy-dev-1.4.2}/src/falconpydev/_endpoint/deprecated/_custom_ioa.py +0 -0
- {crowdstrike-falconpy-dev-1.4.1 → crowdstrike-falconpy-dev-1.4.2}/src/falconpydev/_endpoint/deprecated/_d4c_registration.py +0 -0
- {crowdstrike-falconpy-dev-1.4.1 → crowdstrike-falconpy-dev-1.4.2}/src/falconpydev/_endpoint/deprecated/_fdr.py +0 -0
- {crowdstrike-falconpy-dev-1.4.1 → crowdstrike-falconpy-dev-1.4.2}/src/falconpydev/_endpoint/deprecated/_firewall_management.py +0 -0
- {crowdstrike-falconpy-dev-1.4.1 → crowdstrike-falconpy-dev-1.4.2}/src/falconpydev/_endpoint/deprecated/_hosts.py +0 -0
- {crowdstrike-falconpy-dev-1.4.1 → crowdstrike-falconpy-dev-1.4.2}/src/falconpydev/_endpoint/deprecated/_identity_protection.py +0 -0
- {crowdstrike-falconpy-dev-1.4.1 → crowdstrike-falconpy-dev-1.4.2}/src/falconpydev/_endpoint/deprecated/_installation_tokens.py +0 -0
- {crowdstrike-falconpy-dev-1.4.1 → crowdstrike-falconpy-dev-1.4.2}/src/falconpydev/_endpoint/deprecated/_ioc.py +0 -0
- {crowdstrike-falconpy-dev-1.4.1 → crowdstrike-falconpy-dev-1.4.2}/src/falconpydev/_endpoint/deprecated/_iocs.py +0 -0
- {crowdstrike-falconpy-dev-1.4.1 → crowdstrike-falconpy-dev-1.4.2}/src/falconpydev/_endpoint/deprecated/_mapping.py +0 -0
- {crowdstrike-falconpy-dev-1.4.1 → crowdstrike-falconpy-dev-1.4.2}/src/falconpydev/_endpoint/deprecated/_ods.py +0 -0
- {crowdstrike-falconpy-dev-1.4.1 → crowdstrike-falconpy-dev-1.4.2}/src/falconpydev/_endpoint/deprecated/_report_executions.py +0 -0
- {crowdstrike-falconpy-dev-1.4.1 → crowdstrike-falconpy-dev-1.4.2}/src/falconpydev/_endpoint/deprecated/_scheduled_reports.py +0 -0
- {crowdstrike-falconpy-dev-1.4.1 → crowdstrike-falconpy-dev-1.4.2}/src/falconpydev/_endpoint/deprecated/_zero_trust_assessment.py +0 -0
- {crowdstrike-falconpy-dev-1.4.1 → crowdstrike-falconpy-dev-1.4.2}/src/falconpydev/_enum/__init__.py +0 -0
- {crowdstrike-falconpy-dev-1.4.1 → crowdstrike-falconpy-dev-1.4.2}/src/falconpydev/_enum/_base_url.py +0 -0
- {crowdstrike-falconpy-dev-1.4.1 → crowdstrike-falconpy-dev-1.4.2}/src/falconpydev/_enum/_container_base_url.py +0 -0
- {crowdstrike-falconpy-dev-1.4.1 → crowdstrike-falconpy-dev-1.4.2}/src/falconpydev/_enum/_token_fail_reason.py +0 -0
- {crowdstrike-falconpy-dev-1.4.1 → crowdstrike-falconpy-dev-1.4.2}/src/falconpydev/_error/__init__.py +0 -0
- {crowdstrike-falconpy-dev-1.4.1 → crowdstrike-falconpy-dev-1.4.2}/src/falconpydev/_error/_exceptions.py +0 -0
- {crowdstrike-falconpy-dev-1.4.1 → crowdstrike-falconpy-dev-1.4.2}/src/falconpydev/_error/_warnings.py +0 -0
- {crowdstrike-falconpy-dev-1.4.1 → crowdstrike-falconpy-dev-1.4.2}/src/falconpydev/_log/__init__.py +0 -0
- {crowdstrike-falconpy-dev-1.4.1 → crowdstrike-falconpy-dev-1.4.2}/src/falconpydev/_log/_facility.py +0 -0
- {crowdstrike-falconpy-dev-1.4.1 → crowdstrike-falconpy-dev-1.4.2}/src/falconpydev/_payload/_alerts.py +0 -0
- {crowdstrike-falconpy-dev-1.4.1 → crowdstrike-falconpy-dev-1.4.2}/src/falconpydev/_payload/_cloud_connect_aws.py +0 -0
- {crowdstrike-falconpy-dev-1.4.1 → crowdstrike-falconpy-dev-1.4.2}/src/falconpydev/_payload/_container.py +0 -0
- {crowdstrike-falconpy-dev-1.4.1 → crowdstrike-falconpy-dev-1.4.2}/src/falconpydev/_payload/_d4c_registration.py +0 -0
- {crowdstrike-falconpy-dev-1.4.1 → crowdstrike-falconpy-dev-1.4.2}/src/falconpydev/_payload/_detects.py +0 -0
- {crowdstrike-falconpy-dev-1.4.1 → crowdstrike-falconpy-dev-1.4.2}/src/falconpydev/_payload/_device_control_policy.py +0 -0
- {crowdstrike-falconpy-dev-1.4.1 → crowdstrike-falconpy-dev-1.4.2}/src/falconpydev/_payload/_falconx.py +0 -0
- {crowdstrike-falconpy-dev-1.4.1 → crowdstrike-falconpy-dev-1.4.2}/src/falconpydev/_payload/_filevantage.py +0 -0
- {crowdstrike-falconpy-dev-1.4.1 → crowdstrike-falconpy-dev-1.4.2}/src/falconpydev/_payload/_firewall.py +0 -0
- {crowdstrike-falconpy-dev-1.4.1 → crowdstrike-falconpy-dev-1.4.2}/src/falconpydev/_payload/_foundry.py +0 -0
- {crowdstrike-falconpy-dev-1.4.1 → crowdstrike-falconpy-dev-1.4.2}/src/falconpydev/_payload/_generic.py +0 -0
- {crowdstrike-falconpy-dev-1.4.1 → crowdstrike-falconpy-dev-1.4.2}/src/falconpydev/_payload/_host_group.py +0 -0
- {crowdstrike-falconpy-dev-1.4.1 → crowdstrike-falconpy-dev-1.4.2}/src/falconpydev/_payload/_incidents.py +0 -0
- {crowdstrike-falconpy-dev-1.4.1 → crowdstrike-falconpy-dev-1.4.2}/src/falconpydev/_payload/_ioa.py +0 -0
- {crowdstrike-falconpy-dev-1.4.1 → crowdstrike-falconpy-dev-1.4.2}/src/falconpydev/_payload/_ioc.py +0 -0
- {crowdstrike-falconpy-dev-1.4.1 → crowdstrike-falconpy-dev-1.4.2}/src/falconpydev/_payload/_malquery.py +0 -0
- {crowdstrike-falconpy-dev-1.4.1 → crowdstrike-falconpy-dev-1.4.2}/src/falconpydev/_payload/_message_center.py +0 -0
- {crowdstrike-falconpy-dev-1.4.1 → crowdstrike-falconpy-dev-1.4.2}/src/falconpydev/_payload/_mssp.py +0 -0
- {crowdstrike-falconpy-dev-1.4.1 → crowdstrike-falconpy-dev-1.4.2}/src/falconpydev/_payload/_ods.py +0 -0
- {crowdstrike-falconpy-dev-1.4.1 → crowdstrike-falconpy-dev-1.4.2}/src/falconpydev/_payload/_prevention_policy.py +0 -0
- {crowdstrike-falconpy-dev-1.4.1 → crowdstrike-falconpy-dev-1.4.2}/src/falconpydev/_payload/_real_time_response.py +0 -0
- {crowdstrike-falconpy-dev-1.4.1 → crowdstrike-falconpy-dev-1.4.2}/src/falconpydev/_payload/_recon.py +0 -0
- {crowdstrike-falconpy-dev-1.4.1 → crowdstrike-falconpy-dev-1.4.2}/src/falconpydev/_payload/_reports.py +0 -0
- {crowdstrike-falconpy-dev-1.4.1 → crowdstrike-falconpy-dev-1.4.2}/src/falconpydev/_payload/_response_policy.py +0 -0
- {crowdstrike-falconpy-dev-1.4.1 → crowdstrike-falconpy-dev-1.4.2}/src/falconpydev/_payload/_sample_uploads.py +0 -0
- {crowdstrike-falconpy-dev-1.4.1 → crowdstrike-falconpy-dev-1.4.2}/src/falconpydev/_payload/_sensor_update_policy.py +0 -0
- {crowdstrike-falconpy-dev-1.4.1 → crowdstrike-falconpy-dev-1.4.2}/src/falconpydev/_result/__base_resource.py +0 -0
- {crowdstrike-falconpy-dev-1.4.1 → crowdstrike-falconpy-dev-1.4.2}/src/falconpydev/_result/__init__.py +0 -0
- {crowdstrike-falconpy-dev-1.4.1 → crowdstrike-falconpy-dev-1.4.2}/src/falconpydev/_result/_base_dictionary.py +0 -0
- {crowdstrike-falconpy-dev-1.4.1 → crowdstrike-falconpy-dev-1.4.2}/src/falconpydev/_result/_errors.py +0 -0
- {crowdstrike-falconpy-dev-1.4.1 → crowdstrike-falconpy-dev-1.4.2}/src/falconpydev/_result/_expanded_result.py +0 -0
- {crowdstrike-falconpy-dev-1.4.1 → crowdstrike-falconpy-dev-1.4.2}/src/falconpydev/_result/_headers.py +0 -0
- {crowdstrike-falconpy-dev-1.4.1 → crowdstrike-falconpy-dev-1.4.2}/src/falconpydev/_result/_meta.py +0 -0
- {crowdstrike-falconpy-dev-1.4.1 → crowdstrike-falconpy-dev-1.4.2}/src/falconpydev/_result/_resources.py +0 -0
- {crowdstrike-falconpy-dev-1.4.1 → crowdstrike-falconpy-dev-1.4.2}/src/falconpydev/_result/_response_component.py +0 -0
- {crowdstrike-falconpy-dev-1.4.1 → crowdstrike-falconpy-dev-1.4.2}/src/falconpydev/_result/_result.py +0 -0
- {crowdstrike-falconpy-dev-1.4.1 → crowdstrike-falconpy-dev-1.4.2}/src/falconpydev/_service_class/__init__.py +0 -0
- {crowdstrike-falconpy-dev-1.4.1 → crowdstrike-falconpy-dev-1.4.2}/src/falconpydev/_service_class/_base_service_class.py +0 -0
- {crowdstrike-falconpy-dev-1.4.1 → crowdstrike-falconpy-dev-1.4.2}/src/falconpydev/_service_class/_service_class.py +0 -0
- {crowdstrike-falconpy-dev-1.4.1 → crowdstrike-falconpy-dev-1.4.2}/src/falconpydev/_util/__init__.py +0 -0
- {crowdstrike-falconpy-dev-1.4.1 → crowdstrike-falconpy-dev-1.4.2}/src/falconpydev/_util/_auth.py +0 -0
- {crowdstrike-falconpy-dev-1.4.1 → crowdstrike-falconpy-dev-1.4.2}/src/falconpydev/_util/_service.py +0 -0
- {crowdstrike-falconpy-dev-1.4.1 → crowdstrike-falconpy-dev-1.4.2}/src/falconpydev/_util/_uber.py +0 -0
- {crowdstrike-falconpy-dev-1.4.1 → crowdstrike-falconpy-dev-1.4.2}/src/falconpydev/api_complete/__init__.py +0 -0
- {crowdstrike-falconpy-dev-1.4.1 → crowdstrike-falconpy-dev-1.4.2}/src/falconpydev/api_complete/_advanced.py +0 -0
- {crowdstrike-falconpy-dev-1.4.1 → crowdstrike-falconpy-dev-1.4.2}/src/falconpydev/api_complete/_legacy.py +0 -0
- {crowdstrike-falconpy-dev-1.4.1 → crowdstrike-falconpy-dev-1.4.2}/src/falconpydev/cloud_connect_aws.py +0 -0
- {crowdstrike-falconpy-dev-1.4.1 → crowdstrike-falconpy-dev-1.4.2}/src/falconpydev/configuration_assessment.py +0 -0
- {crowdstrike-falconpy-dev-1.4.1 → crowdstrike-falconpy-dev-1.4.2}/src/falconpydev/configuration_assessment_evaluation_logic.py +0 -0
- {crowdstrike-falconpy-dev-1.4.1 → crowdstrike-falconpy-dev-1.4.2}/src/falconpydev/container_alerts.py +0 -0
- {crowdstrike-falconpy-dev-1.4.1 → crowdstrike-falconpy-dev-1.4.2}/src/falconpydev/container_packages.py +0 -0
- {crowdstrike-falconpy-dev-1.4.1 → crowdstrike-falconpy-dev-1.4.2}/src/falconpydev/container_vulnerabilities.py +0 -0
- {crowdstrike-falconpy-dev-1.4.1 → crowdstrike-falconpy-dev-1.4.2}/src/falconpydev/custom_ioa.py +0 -0
- {crowdstrike-falconpy-dev-1.4.1 → crowdstrike-falconpy-dev-1.4.2}/src/falconpydev/custom_storage.py +0 -0
- {crowdstrike-falconpy-dev-1.4.1 → crowdstrike-falconpy-dev-1.4.2}/src/falconpydev/d4c_registration.py +0 -0
- {crowdstrike-falconpy-dev-1.4.1 → crowdstrike-falconpy-dev-1.4.2}/src/falconpydev/debug.py +0 -0
- {crowdstrike-falconpy-dev-1.4.1 → crowdstrike-falconpy-dev-1.4.2}/src/falconpydev/detects.py +0 -0
- {crowdstrike-falconpy-dev-1.4.1 → crowdstrike-falconpy-dev-1.4.2}/src/falconpydev/device_control_policies.py +0 -0
- {crowdstrike-falconpy-dev-1.4.1 → crowdstrike-falconpy-dev-1.4.2}/src/falconpydev/drift_indicators.py +0 -0
- {crowdstrike-falconpy-dev-1.4.1 → crowdstrike-falconpy-dev-1.4.2}/src/falconpydev/event_streams.py +0 -0
- {crowdstrike-falconpy-dev-1.4.1 → crowdstrike-falconpy-dev-1.4.2}/src/falconpydev/falcon_container.py +0 -0
- {crowdstrike-falconpy-dev-1.4.1 → crowdstrike-falconpy-dev-1.4.2}/src/falconpydev/falconx_sandbox.py +0 -0
- {crowdstrike-falconpy-dev-1.4.1 → crowdstrike-falconpy-dev-1.4.2}/src/falconpydev/fdr.py +0 -0
- {crowdstrike-falconpy-dev-1.4.1 → crowdstrike-falconpy-dev-1.4.2}/src/falconpydev/firewall_management.py +0 -0
- {crowdstrike-falconpy-dev-1.4.1 → crowdstrike-falconpy-dev-1.4.2}/src/falconpydev/firewall_policies.py +0 -0
- {crowdstrike-falconpy-dev-1.4.1 → crowdstrike-falconpy-dev-1.4.2}/src/falconpydev/host_group.py +0 -0
- {crowdstrike-falconpy-dev-1.4.1 → crowdstrike-falconpy-dev-1.4.2}/src/falconpydev/hosts.py +0 -0
- {crowdstrike-falconpy-dev-1.4.1 → crowdstrike-falconpy-dev-1.4.2}/src/falconpydev/identity_protection.py +0 -0
- {crowdstrike-falconpy-dev-1.4.1 → crowdstrike-falconpy-dev-1.4.2}/src/falconpydev/image_assessment_policies.py +0 -0
- {crowdstrike-falconpy-dev-1.4.1 → crowdstrike-falconpy-dev-1.4.2}/src/falconpydev/incidents.py +0 -0
- {crowdstrike-falconpy-dev-1.4.1 → crowdstrike-falconpy-dev-1.4.2}/src/falconpydev/installation_tokens.py +0 -0
- {crowdstrike-falconpy-dev-1.4.1 → crowdstrike-falconpy-dev-1.4.2}/src/falconpydev/ioa_exclusions.py +0 -0
- {crowdstrike-falconpy-dev-1.4.1 → crowdstrike-falconpy-dev-1.4.2}/src/falconpydev/ioc.py +0 -0
- {crowdstrike-falconpy-dev-1.4.1 → crowdstrike-falconpy-dev-1.4.2}/src/falconpydev/iocs.py +0 -0
- {crowdstrike-falconpy-dev-1.4.1 → crowdstrike-falconpy-dev-1.4.2}/src/falconpydev/malquery.py +0 -0
- {crowdstrike-falconpy-dev-1.4.1 → crowdstrike-falconpy-dev-1.4.2}/src/falconpydev/message_center.py +0 -0
- {crowdstrike-falconpy-dev-1.4.1 → crowdstrike-falconpy-dev-1.4.2}/src/falconpydev/ml_exclusions.py +0 -0
- {crowdstrike-falconpy-dev-1.4.1 → crowdstrike-falconpy-dev-1.4.2}/src/falconpydev/mobile_enrollment.py +0 -0
- {crowdstrike-falconpy-dev-1.4.1 → crowdstrike-falconpy-dev-1.4.2}/src/falconpydev/mssp.py +0 -0
- {crowdstrike-falconpy-dev-1.4.1 → crowdstrike-falconpy-dev-1.4.2}/src/falconpydev/ods.py +0 -0
- {crowdstrike-falconpy-dev-1.4.1 → crowdstrike-falconpy-dev-1.4.2}/src/falconpydev/overwatch_dashboard.py +0 -0
- {crowdstrike-falconpy-dev-1.4.1 → crowdstrike-falconpy-dev-1.4.2}/src/falconpydev/prevention_policy.py +0 -0
- {crowdstrike-falconpy-dev-1.4.1 → crowdstrike-falconpy-dev-1.4.2}/src/falconpydev/quarantine.py +0 -0
- {crowdstrike-falconpy-dev-1.4.1 → crowdstrike-falconpy-dev-1.4.2}/src/falconpydev/quick_scan.py +0 -0
- {crowdstrike-falconpy-dev-1.4.1 → crowdstrike-falconpy-dev-1.4.2}/src/falconpydev/real_time_response.py +0 -0
- {crowdstrike-falconpy-dev-1.4.1 → crowdstrike-falconpy-dev-1.4.2}/src/falconpydev/real_time_response_admin.py +0 -0
- {crowdstrike-falconpy-dev-1.4.1 → crowdstrike-falconpy-dev-1.4.2}/src/falconpydev/real_time_response_audit.py +0 -0
- {crowdstrike-falconpy-dev-1.4.1 → crowdstrike-falconpy-dev-1.4.2}/src/falconpydev/recon.py +0 -0
- {crowdstrike-falconpy-dev-1.4.1 → crowdstrike-falconpy-dev-1.4.2}/src/falconpydev/report_executions.py +0 -0
- {crowdstrike-falconpy-dev-1.4.1 → crowdstrike-falconpy-dev-1.4.2}/src/falconpydev/response_policies.py +0 -0
- {crowdstrike-falconpy-dev-1.4.1 → crowdstrike-falconpy-dev-1.4.2}/src/falconpydev/scheduled_reports.py +0 -0
- {crowdstrike-falconpy-dev-1.4.1 → crowdstrike-falconpy-dev-1.4.2}/src/falconpydev/sensor_update_policy.py +0 -0
- {crowdstrike-falconpy-dev-1.4.1 → crowdstrike-falconpy-dev-1.4.2}/src/falconpydev/sensor_visibility_exclusions.py +0 -0
- {crowdstrike-falconpy-dev-1.4.1 → crowdstrike-falconpy-dev-1.4.2}/src/falconpydev/spotlight_evaluation_logic.py +0 -0
- {crowdstrike-falconpy-dev-1.4.1 → crowdstrike-falconpy-dev-1.4.2}/src/falconpydev/spotlight_vulnerabilities.py +0 -0
- {crowdstrike-falconpy-dev-1.4.1 → crowdstrike-falconpy-dev-1.4.2}/src/falconpydev/tailored_intelligence.py +0 -0
- {crowdstrike-falconpy-dev-1.4.1 → crowdstrike-falconpy-dev-1.4.2}/src/falconpydev/unidentified_containers.py +0 -0
- {crowdstrike-falconpy-dev-1.4.1 → crowdstrike-falconpy-dev-1.4.2}/src/falconpydev/user_management.py +0 -0
- {crowdstrike-falconpy-dev-1.4.1 → crowdstrike-falconpy-dev-1.4.2}/src/falconpydev/zero_trust_assessment.py +0 -0
- {crowdstrike-falconpy-dev-1.4.1 → crowdstrike-falconpy-dev-1.4.2}/tests/test_alerts.py +0 -0
- {crowdstrike-falconpy-dev-1.4.1 → crowdstrike-falconpy-dev-1.4.2}/tests/test_api_request.py +0 -0
- {crowdstrike-falconpy-dev-1.4.1 → crowdstrike-falconpy-dev-1.4.2}/tests/test_authorization.py +0 -0
- {crowdstrike-falconpy-dev-1.4.1 → crowdstrike-falconpy-dev-1.4.2}/tests/test_configuration_assessment.py +0 -0
- {crowdstrike-falconpy-dev-1.4.1 → crowdstrike-falconpy-dev-1.4.2}/tests/test_configuration_assessment_evaluation_logic.py +0 -0
- {crowdstrike-falconpy-dev-1.4.1 → crowdstrike-falconpy-dev-1.4.2}/tests/test_container_alerts.py +0 -0
- {crowdstrike-falconpy-dev-1.4.1 → crowdstrike-falconpy-dev-1.4.2}/tests/test_container_images.py +0 -0
- {crowdstrike-falconpy-dev-1.4.1 → crowdstrike-falconpy-dev-1.4.2}/tests/test_container_packages.py +0 -0
- {crowdstrike-falconpy-dev-1.4.1 → crowdstrike-falconpy-dev-1.4.2}/tests/test_container_vulnerabilities.py +0 -0
- {crowdstrike-falconpy-dev-1.4.1 → crowdstrike-falconpy-dev-1.4.2}/tests/test_custom_ioa.py +0 -0
- {crowdstrike-falconpy-dev-1.4.1 → crowdstrike-falconpy-dev-1.4.2}/tests/test_custom_storage.py +0 -0
- {crowdstrike-falconpy-dev-1.4.1 → crowdstrike-falconpy-dev-1.4.2}/tests/test_d4c_registration.py +0 -0
- {crowdstrike-falconpy-dev-1.4.1 → crowdstrike-falconpy-dev-1.4.2}/tests/test_detects.py +0 -0
- {crowdstrike-falconpy-dev-1.4.1 → crowdstrike-falconpy-dev-1.4.2}/tests/test_device_control_policies.py +0 -0
- {crowdstrike-falconpy-dev-1.4.1 → crowdstrike-falconpy-dev-1.4.2}/tests/test_drift_indicators.py +0 -0
- {crowdstrike-falconpy-dev-1.4.1 → crowdstrike-falconpy-dev-1.4.2}/tests/test_event_streams.py +0 -0
- {crowdstrike-falconpy-dev-1.4.1 → crowdstrike-falconpy-dev-1.4.2}/tests/test_falcon_container.py +0 -0
- {crowdstrike-falconpy-dev-1.4.1 → crowdstrike-falconpy-dev-1.4.2}/tests/test_falconx_sandbox.py +0 -0
- {crowdstrike-falconpy-dev-1.4.1 → crowdstrike-falconpy-dev-1.4.2}/tests/test_fdr.py +0 -0
- {crowdstrike-falconpy-dev-1.4.1 → crowdstrike-falconpy-dev-1.4.2}/tests/test_filevantage.py +0 -0
- {crowdstrike-falconpy-dev-1.4.1 → crowdstrike-falconpy-dev-1.4.2}/tests/test_firewall_management.py +0 -0
- {crowdstrike-falconpy-dev-1.4.1 → crowdstrike-falconpy-dev-1.4.2}/tests/test_firewall_policies.py +0 -0
- {crowdstrike-falconpy-dev-1.4.1 → crowdstrike-falconpy-dev-1.4.2}/tests/test_host_group.py +0 -0
- {crowdstrike-falconpy-dev-1.4.1 → crowdstrike-falconpy-dev-1.4.2}/tests/test_hosts.py +0 -0
- {crowdstrike-falconpy-dev-1.4.1 → crowdstrike-falconpy-dev-1.4.2}/tests/test_identity_protection.py +0 -0
- {crowdstrike-falconpy-dev-1.4.1 → crowdstrike-falconpy-dev-1.4.2}/tests/test_image_assessment_policies.py +0 -0
- {crowdstrike-falconpy-dev-1.4.1 → crowdstrike-falconpy-dev-1.4.2}/tests/test_incidents.py +0 -0
- {crowdstrike-falconpy-dev-1.4.1 → crowdstrike-falconpy-dev-1.4.2}/tests/test_installation_tokens.py +0 -0
- {crowdstrike-falconpy-dev-1.4.1 → crowdstrike-falconpy-dev-1.4.2}/tests/test_ioa_exclusions.py +0 -0
- {crowdstrike-falconpy-dev-1.4.1 → crowdstrike-falconpy-dev-1.4.2}/tests/test_ioc.py +0 -0
- {crowdstrike-falconpy-dev-1.4.1 → crowdstrike-falconpy-dev-1.4.2}/tests/test_iocs.py +0 -0
- {crowdstrike-falconpy-dev-1.4.1 → crowdstrike-falconpy-dev-1.4.2}/tests/test_kubernetes_protection.py +0 -0
- {crowdstrike-falconpy-dev-1.4.1 → crowdstrike-falconpy-dev-1.4.2}/tests/test_malquery.py +0 -0
- {crowdstrike-falconpy-dev-1.4.1 → crowdstrike-falconpy-dev-1.4.2}/tests/test_message_center.py +0 -0
- {crowdstrike-falconpy-dev-1.4.1 → crowdstrike-falconpy-dev-1.4.2}/tests/test_ml_exclusions.py +0 -0
- {crowdstrike-falconpy-dev-1.4.1 → crowdstrike-falconpy-dev-1.4.2}/tests/test_mobile_enrollment.py +0 -0
- {crowdstrike-falconpy-dev-1.4.1 → crowdstrike-falconpy-dev-1.4.2}/tests/test_mssp.py +0 -0
- {crowdstrike-falconpy-dev-1.4.1 → crowdstrike-falconpy-dev-1.4.2}/tests/test_ods.py +0 -0
- {crowdstrike-falconpy-dev-1.4.1 → crowdstrike-falconpy-dev-1.4.2}/tests/test_overwatch_dashboard.py +0 -0
- {crowdstrike-falconpy-dev-1.4.1 → crowdstrike-falconpy-dev-1.4.2}/tests/test_prevention_policy.py +0 -0
- {crowdstrike-falconpy-dev-1.4.1 → crowdstrike-falconpy-dev-1.4.2}/tests/test_quarantine.py +0 -0
- {crowdstrike-falconpy-dev-1.4.1 → crowdstrike-falconpy-dev-1.4.2}/tests/test_quick_scan.py +0 -0
- {crowdstrike-falconpy-dev-1.4.1 → crowdstrike-falconpy-dev-1.4.2}/tests/test_real_time_response.py +0 -0
- {crowdstrike-falconpy-dev-1.4.1 → crowdstrike-falconpy-dev-1.4.2}/tests/test_real_time_response_admin.py +0 -0
- {crowdstrike-falconpy-dev-1.4.1 → crowdstrike-falconpy-dev-1.4.2}/tests/test_real_time_response_audit.py +0 -0
- {crowdstrike-falconpy-dev-1.4.1 → crowdstrike-falconpy-dev-1.4.2}/tests/test_recon.py +0 -0
- {crowdstrike-falconpy-dev-1.4.1 → crowdstrike-falconpy-dev-1.4.2}/tests/test_report_executions.py +0 -0
- {crowdstrike-falconpy-dev-1.4.1 → crowdstrike-falconpy-dev-1.4.2}/tests/test_response_policies.py +0 -0
- {crowdstrike-falconpy-dev-1.4.1 → crowdstrike-falconpy-dev-1.4.2}/tests/test_scheduled_reports.py +0 -0
- {crowdstrike-falconpy-dev-1.4.1 → crowdstrike-falconpy-dev-1.4.2}/tests/test_sensor_update_policy.py +0 -0
- {crowdstrike-falconpy-dev-1.4.1 → crowdstrike-falconpy-dev-1.4.2}/tests/test_sensor_visibility_exclusions.py +0 -0
- {crowdstrike-falconpy-dev-1.4.1 → crowdstrike-falconpy-dev-1.4.2}/tests/test_service_class.py +0 -0
- {crowdstrike-falconpy-dev-1.4.1 → crowdstrike-falconpy-dev-1.4.2}/tests/test_spotlight_evaluation_logic.py +0 -0
- {crowdstrike-falconpy-dev-1.4.1 → crowdstrike-falconpy-dev-1.4.2}/tests/test_spotlight_vulnerabilities.py +0 -0
- {crowdstrike-falconpy-dev-1.4.1 → crowdstrike-falconpy-dev-1.4.2}/tests/test_tailored_intelligence.py +0 -0
- {crowdstrike-falconpy-dev-1.4.1 → crowdstrike-falconpy-dev-1.4.2}/tests/test_timeout.py +0 -0
- {crowdstrike-falconpy-dev-1.4.1 → crowdstrike-falconpy-dev-1.4.2}/tests/test_unidentified_containers.py +0 -0
- {crowdstrike-falconpy-dev-1.4.1 → crowdstrike-falconpy-dev-1.4.2}/tests/test_user_management.py +0 -0
- {crowdstrike-falconpy-dev-1.4.1 → crowdstrike-falconpy-dev-1.4.2}/tests/test_zero_trust_assessment.py +0 -0
|
@@ -28,7 +28,6 @@ These coders deserve accolades and laurels as well as cool titles and cartoons.
|
|
|
28
28
|
|
|
29
29
|
| Name | Role |
|
|
30
30
|
| :--- | :--- |
|
|
31
|
-
| Šimon L., `@isimluk` | [Sanity Checker](https://xkcd.com/1926/) |
|
|
32
31
|
| Josh Lang, `@jlangdev` | [Lint Purveyor](https://xkcd.com/1833/) |
|
|
33
32
|
| Christopher Hammond, `@ChristopherHammond13` | [Technical Debt Collector](https://xkcd.com/2138/) |
|
|
34
33
|
| Gabe Alford, `@redhatrises` | [Git Whisperer](https://xkcd.com/1597/) |
|
|
@@ -37,6 +36,9 @@ These coders deserve accolades and laurels as well as cool titles and cartoons.
|
|
|
37
36
|
| Shane Shellenbarger, `@soggysec` | [Calamity Validator](https://xkcd.com/1700/) |
|
|
38
37
|
| Steve Klassen, `@mrxinu` | [Dilemma Responder](https://xkcd.com/85/) |
|
|
39
38
|
|
|
39
|
+
#### Honorable mentions
|
|
40
|
+
+ Šimon L., `@isimluk` ([Sanity Checker](https://xkcd.com/1926/))
|
|
41
|
+
|
|
40
42
|
## Contributors
|
|
41
43
|
The following members of the community have made requests, suggestions, code contributions or provided feedback and reported bugs.
|
|
42
44
|
This has been a critical element in the development of the FalconPy project.
|
|
@@ -90,6 +92,8 @@ This has been a critical element in the development of the FalconPy project.
|
|
|
90
92
|
+ Phil Massyn, `@massyn`
|
|
91
93
|
+ Russell Snyder, `@rusnyder`
|
|
92
94
|
+ `@PeroSoy`
|
|
95
|
+
+ Shubham, `@i-shubham01`
|
|
96
|
+
+ Don "Swanson" I., `@Don-Swanson-Adobe`
|
|
93
97
|
|
|
94
98
|
|
|
95
99
|
## Sponsors
|
|
@@ -98,11 +102,11 @@ Without the support of these executives, the FalconPy project would not have hap
|
|
|
98
102
|
| Name | Role |
|
|
99
103
|
| :-- | :-- |
|
|
100
104
|
| Chris Kachigian, `@ckachigian` | Herder of Cats |
|
|
101
|
-
| Rekha Das | Gatekeeper |
|
|
102
105
|
| Robbie Coleman, `@erraggy` | Keymaster |
|
|
103
106
|
| Mike Cryer | Colonel-in-Chief |
|
|
104
107
|
|
|
105
108
|
#### Honorable mentions
|
|
109
|
+
+ Rekha Das
|
|
106
110
|
+ Jaime Franklin, `@franklinjff`
|
|
107
111
|
+ Shawn Wells, `@shawndwells`
|
|
108
112
|
|
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
Metadata-Version: 2.1
|
|
2
2
|
Name: crowdstrike-falconpy-dev
|
|
3
|
-
Version: 1.4.
|
|
3
|
+
Version: 1.4.2
|
|
4
4
|
Summary: The CrowdStrike Falcon SDK for Python 3
|
|
5
5
|
Home-page: https://github.com/CrowdStrike/falconpy
|
|
6
6
|
Author: CrowdStrike
|
|
@@ -56,7 +56,7 @@ License-File: AUTHORS.md
|
|
|
56
56
|
[](https://github.com/CrowdStrike/falconpy/releases)
|
|
57
57
|
[](https://github.com/CrowdStrike/falconpy/graphs/code-frequency)
|
|
58
58
|
[](https://github.com/CrowdStrike/falconpy/commits/main)
|
|
59
|
-
|
|
59
|
+
|
|
60
60
|
|
|
61
61
|
The FalconPy SDK contains a collection of Python classes that abstract CrowdStrike Falcon OAuth2 API interaction, removing duplicative code and allowing developers to focus on just the logic of their solution requirements.
|
|
62
62
|
|
|
@@ -130,6 +130,7 @@ For each CrowdStrike Falcon API service collection, a matching Service Class is
|
|
|
130
130
|
|
|
131
131
|
- Closely follows Python and OpenAPI best practice for code style and syntax. PEP-8 compliant.
|
|
132
132
|
- Completely abstracts token management, automatically refreshing your token when it expires.
|
|
133
|
+
- Interact with newly released API operations not yet available in the library via the `override` method.
|
|
133
134
|
- Provides simple programmatic patterns for interacting with CrowdStrike Falcon APIs.
|
|
134
135
|
- Supports [cloud region autodiscovery](https://www.falconpy.io/Usage/Environment-Configuration.html#cloud-region-autodiscovery) for the CrowdStrike `US-1`, `US-2` and `EU-1` regions.
|
|
135
136
|
- Supports dynamic [configuration](https://www.falconpy.io/Usage/Environment-Configuration.html) based upon the needs of your environment.
|
|
@@ -9,7 +9,7 @@
|
|
|
9
9
|
[](https://github.com/CrowdStrike/falconpy/releases)
|
|
10
10
|
[](https://github.com/CrowdStrike/falconpy/graphs/code-frequency)
|
|
11
11
|
[](https://github.com/CrowdStrike/falconpy/commits/main)
|
|
12
|
-
|
|
12
|
+
|
|
13
13
|
|
|
14
14
|
The FalconPy SDK contains a collection of Python classes that abstract CrowdStrike Falcon OAuth2 API interaction, removing duplicative code and allowing developers to focus on just the logic of their solution requirements.
|
|
15
15
|
|
|
@@ -83,6 +83,7 @@ For each CrowdStrike Falcon API service collection, a matching Service Class is
|
|
|
83
83
|
|
|
84
84
|
- Closely follows Python and OpenAPI best practice for code style and syntax. PEP-8 compliant.
|
|
85
85
|
- Completely abstracts token management, automatically refreshing your token when it expires.
|
|
86
|
+
- Interact with newly released API operations not yet available in the library via the `override` method.
|
|
86
87
|
- Provides simple programmatic patterns for interacting with CrowdStrike Falcon APIs.
|
|
87
88
|
- Supports [cloud region autodiscovery](https://www.falconpy.io/Usage/Environment-Configuration.html#cloud-region-autodiscovery) for the CrowdStrike `US-1`, `US-2` and `EU-1` regions.
|
|
88
89
|
- Supports dynamic [configuration](https://www.falconpy.io/Usage/Environment-Configuration.html) based upon the needs of your environment.
|
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
Metadata-Version: 2.1
|
|
2
2
|
Name: crowdstrike-falconpy-dev
|
|
3
|
-
Version: 1.4.
|
|
3
|
+
Version: 1.4.2
|
|
4
4
|
Summary: The CrowdStrike Falcon SDK for Python 3
|
|
5
5
|
Home-page: https://github.com/CrowdStrike/falconpy
|
|
6
6
|
Author: CrowdStrike
|
|
@@ -56,7 +56,7 @@ License-File: AUTHORS.md
|
|
|
56
56
|
[](https://github.com/CrowdStrike/falconpy/releases)
|
|
57
57
|
[](https://github.com/CrowdStrike/falconpy/graphs/code-frequency)
|
|
58
58
|
[](https://github.com/CrowdStrike/falconpy/commits/main)
|
|
59
|
-
|
|
59
|
+
|
|
60
60
|
|
|
61
61
|
The FalconPy SDK contains a collection of Python classes that abstract CrowdStrike Falcon OAuth2 API interaction, removing duplicative code and allowing developers to focus on just the logic of their solution requirements.
|
|
62
62
|
|
|
@@ -130,6 +130,7 @@ For each CrowdStrike Falcon API service collection, a matching Service Class is
|
|
|
130
130
|
|
|
131
131
|
- Closely follows Python and OpenAPI best practice for code style and syntax. PEP-8 compliant.
|
|
132
132
|
- Completely abstracts token management, automatically refreshing your token when it expires.
|
|
133
|
+
- Interact with newly released API operations not yet available in the library via the `override` method.
|
|
133
134
|
- Provides simple programmatic patterns for interacting with CrowdStrike Falcon APIs.
|
|
134
135
|
- Supports [cloud region autodiscovery](https://www.falconpy.io/Usage/Environment-Configuration.html#cloud-region-autodiscovery) for the CrowdStrike `US-1`, `US-2` and `EU-1` regions.
|
|
135
136
|
- Supports dynamic [configuration](https://www.falconpy.io/Usage/Environment-Configuration.html) based upon the needs of your environment.
|
|
@@ -90,7 +90,8 @@ class FalconInterface(BaseFalconAuth):
|
|
|
90
90
|
debug: Optional[bool] = False,
|
|
91
91
|
debug_record_count: Optional[int] = None,
|
|
92
92
|
sanitize_log: Optional[bool] = None,
|
|
93
|
-
pythonic: Optional[bool] = False
|
|
93
|
+
pythonic: Optional[bool] = False,
|
|
94
|
+
environment: Optional[Dict[str, str]] = None
|
|
94
95
|
) -> "FalconInterface":
|
|
95
96
|
"""Construct an instance of the FalconInterface class."""
|
|
96
97
|
# Set the pythonic behavior mode.
|
|
@@ -149,15 +150,16 @@ class FalconInterface(BaseFalconAuth):
|
|
|
149
150
|
)
|
|
150
151
|
|
|
151
152
|
# Environment Authentication
|
|
153
|
+
# User configuration environment keys
|
|
154
|
+
self._environment = environment if environment else {}
|
|
152
155
|
# When credentials are not provided, attempt to retrieve them from the environment.
|
|
153
156
|
if not self.cred_format_valid and not self.token_value:
|
|
154
157
|
# Both variables must be present within the running environment.
|
|
155
|
-
if os.getenv("
|
|
156
|
-
api_id = os.getenv("
|
|
157
|
-
|
|
158
|
-
|
|
159
|
-
|
|
160
|
-
api_sec = self.creds["client_secret"]
|
|
158
|
+
if os.getenv(f"{self.env_prefix}{self.env_key}") and os.getenv(f"{self.env_prefix}{self.env_secret}"):
|
|
159
|
+
api_id = os.getenv(f"{self.env_prefix}{self.env_key}") \
|
|
160
|
+
if "client_id" not in self.creds else self.creds["client_id"]
|
|
161
|
+
api_sec = os.getenv(f"{self.env_prefix}{self.env_secret}") \
|
|
162
|
+
if "client_secret" not in self.creds else self.creds["client_secret"]
|
|
161
163
|
# Environment Authentication will not override values that preexist in the creds dictionary.
|
|
162
164
|
self._creds = {
|
|
163
165
|
"client_id": api_id,
|
|
@@ -511,3 +513,18 @@ class FalconInterface(BaseFalconAuth):
|
|
|
511
513
|
def pythonic(self, value: bool):
|
|
512
514
|
"""Enable or disable pythonic mode."""
|
|
513
515
|
self._pythonic = value
|
|
516
|
+
|
|
517
|
+
@property
|
|
518
|
+
def env_prefix(self) -> str:
|
|
519
|
+
"""Return the environment prefix."""
|
|
520
|
+
return self._environment.get("prefix", "FALCON_")
|
|
521
|
+
|
|
522
|
+
@property
|
|
523
|
+
def env_key(self) -> str:
|
|
524
|
+
"""Return the environment API key name."""
|
|
525
|
+
return self._environment.get("id_name", "CLIENT_ID")
|
|
526
|
+
|
|
527
|
+
@property
|
|
528
|
+
def env_secret(self) -> str:
|
|
529
|
+
"""Return the environment API key secret."""
|
|
530
|
+
return self._environment.get("secret_name", "CLIENT_SECRET")
|
|
@@ -77,7 +77,8 @@ class UberInterface(FalconInterface):
|
|
|
77
77
|
debug: Optional[bool] = False,
|
|
78
78
|
debug_record_count: Optional[int] = MAX_DEBUG_RECORDS,
|
|
79
79
|
sanitize_log: Optional[bool] = None,
|
|
80
|
-
pythonic: Optional[bool] = None
|
|
80
|
+
pythonic: Optional[bool] = None,
|
|
81
|
+
environment: Optional[Dict[str, str]] = None
|
|
81
82
|
):
|
|
82
83
|
"""Construct an instance of the UberInterface class.
|
|
83
84
|
|
|
@@ -126,7 +127,8 @@ class UberInterface(FalconInterface):
|
|
|
126
127
|
debug=debug,
|
|
127
128
|
debug_record_count=debug_record_count,
|
|
128
129
|
sanitize_log=sanitize_log,
|
|
129
|
-
pythonic=pythonic
|
|
130
|
+
pythonic=pythonic,
|
|
131
|
+
environment=environment
|
|
130
132
|
)
|
|
131
133
|
|
|
132
134
|
# Complete list of available API operations.
|
|
@@ -169,7 +169,8 @@ _alerts_endpoints = [
|
|
|
169
169
|
"in": "query"
|
|
170
170
|
},
|
|
171
171
|
{
|
|
172
|
-
"description": "request body takes a list of action parameter request that is applied against all
|
|
172
|
+
"description": "request body takes a list of action parameter request that is applied against all "
|
|
173
|
+
"\"composite_ids\" provided",
|
|
173
174
|
"name": "body",
|
|
174
175
|
"in": "body",
|
|
175
176
|
"required": True
|
|
@@ -0,0 +1,164 @@
|
|
|
1
|
+
"""Internal API endpoint constant library.
|
|
2
|
+
|
|
3
|
+
_______ __ _______ __ __ __
|
|
4
|
+
| _ .----.-----.--.--.--.--| | _ | |_.----|__| |--.-----.
|
|
5
|
+
|. 1___| _| _ | | | | _ | 1___| _| _| | <| -__|
|
|
6
|
+
|. |___|__| |_____|________|_____|____ |____|__| |__|__|__|_____|
|
|
7
|
+
|: 1 | |: 1 |
|
|
8
|
+
|::.. . | CROWDSTRIKE FALCON |::.. . | FalconPy
|
|
9
|
+
`-------' `-------'
|
|
10
|
+
|
|
11
|
+
OAuth2 API - Customer SDK
|
|
12
|
+
|
|
13
|
+
This is free and unencumbered software released into the public domain.
|
|
14
|
+
|
|
15
|
+
Anyone is free to copy, modify, publish, use, compile, sell, or
|
|
16
|
+
distribute this software, either in source code form or as a compiled
|
|
17
|
+
binary, for any purpose, commercial or non-commercial, and by any
|
|
18
|
+
means.
|
|
19
|
+
|
|
20
|
+
In jurisdictions that recognize copyright laws, the author or authors
|
|
21
|
+
of this software dedicate any and all copyright interest in the
|
|
22
|
+
software to the public domain. We make this dedication for the benefit
|
|
23
|
+
of the public at large and to the detriment of our heirs and
|
|
24
|
+
successors. We intend this dedication to be an overt act of
|
|
25
|
+
relinquishment in perpetuity of all present and future rights to this
|
|
26
|
+
software under copyright law.
|
|
27
|
+
|
|
28
|
+
THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
|
|
29
|
+
EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
|
|
30
|
+
MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT.
|
|
31
|
+
IN NO EVENT SHALL THE AUTHORS BE LIABLE FOR ANY CLAIM, DAMAGES OR
|
|
32
|
+
OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE,
|
|
33
|
+
ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR
|
|
34
|
+
OTHER DEALINGS IN THE SOFTWARE.
|
|
35
|
+
|
|
36
|
+
For more information, please refer to <https://unlicense.org>
|
|
37
|
+
"""
|
|
38
|
+
|
|
39
|
+
_cloud_snapshots_endpoints = [
|
|
40
|
+
[
|
|
41
|
+
"ReadDeploymentsCombined",
|
|
42
|
+
"GET",
|
|
43
|
+
"/snapshots/combined/deployments/v1",
|
|
44
|
+
"Retrieve snapshot jobs identified by the provided IDs",
|
|
45
|
+
"cloud_snapshots",
|
|
46
|
+
[
|
|
47
|
+
{
|
|
48
|
+
"type": "string",
|
|
49
|
+
"description": "Search snapshot jobs using a query in Falcon Query Language (FQL). Supported filters: "
|
|
50
|
+
"account_id,asset_identifier,cloud_provider,region,status",
|
|
51
|
+
"name": "filter",
|
|
52
|
+
"in": "query"
|
|
53
|
+
},
|
|
54
|
+
{
|
|
55
|
+
"type": "integer",
|
|
56
|
+
"description": "The upper-bound on the number of records to retrieve.",
|
|
57
|
+
"name": "limit",
|
|
58
|
+
"in": "query"
|
|
59
|
+
},
|
|
60
|
+
{
|
|
61
|
+
"type": "integer",
|
|
62
|
+
"description": "The offset from where to begin.",
|
|
63
|
+
"name": "offset",
|
|
64
|
+
"in": "query"
|
|
65
|
+
},
|
|
66
|
+
{
|
|
67
|
+
"type": "string",
|
|
68
|
+
"description": "The fields to sort the records on. Supported columns: [account_id asset_identifier "
|
|
69
|
+
"cloud_provider instance_type last_updated_timestamp region status]",
|
|
70
|
+
"name": "sort",
|
|
71
|
+
"in": "query"
|
|
72
|
+
}
|
|
73
|
+
]
|
|
74
|
+
],
|
|
75
|
+
[
|
|
76
|
+
"RegisterCspmSnapshotAccount",
|
|
77
|
+
"POST",
|
|
78
|
+
"/snapshots/entities/accounts/v1",
|
|
79
|
+
"Register customer cloud account for snapshot scanning",
|
|
80
|
+
"cloud_snapshots",
|
|
81
|
+
[
|
|
82
|
+
{
|
|
83
|
+
"name": "body",
|
|
84
|
+
"in": "body",
|
|
85
|
+
"required": True
|
|
86
|
+
}
|
|
87
|
+
]
|
|
88
|
+
],
|
|
89
|
+
[
|
|
90
|
+
"ReadDeploymentsEntities",
|
|
91
|
+
"GET",
|
|
92
|
+
"/snapshots/entities/deployments/v1",
|
|
93
|
+
"Retrieve snapshot jobs identified by the provided IDs",
|
|
94
|
+
"cloud_snapshots",
|
|
95
|
+
[
|
|
96
|
+
{
|
|
97
|
+
"type": "array",
|
|
98
|
+
"items": {
|
|
99
|
+
"type": "string"
|
|
100
|
+
},
|
|
101
|
+
"collectionFormat": "csv",
|
|
102
|
+
"description": "Search snapshot jobs by ids - The maximum amount is 100 IDs",
|
|
103
|
+
"name": "ids",
|
|
104
|
+
"in": "query"
|
|
105
|
+
}
|
|
106
|
+
]
|
|
107
|
+
],
|
|
108
|
+
[
|
|
109
|
+
"CreateDeploymentEntity",
|
|
110
|
+
"POST",
|
|
111
|
+
"/snapshots/entities/deployments/v1",
|
|
112
|
+
"Launch a snapshot scan for a given cloud asset",
|
|
113
|
+
"cloud_snapshots",
|
|
114
|
+
[
|
|
115
|
+
{
|
|
116
|
+
"name": "body",
|
|
117
|
+
"in": "body",
|
|
118
|
+
"required": True
|
|
119
|
+
}
|
|
120
|
+
]
|
|
121
|
+
],
|
|
122
|
+
[
|
|
123
|
+
"GetCredentialsMixin0",
|
|
124
|
+
"GET",
|
|
125
|
+
"/snapshots/entities/image-registry-credentials/v1",
|
|
126
|
+
"Gets the registry credentials",
|
|
127
|
+
"cloud_snapshots",
|
|
128
|
+
[]
|
|
129
|
+
],
|
|
130
|
+
[
|
|
131
|
+
"CreateInventory",
|
|
132
|
+
"POST",
|
|
133
|
+
"/snapshots/entities/inventories/v1",
|
|
134
|
+
"Create inventory from data received from snapshot",
|
|
135
|
+
"cloud_snapshots",
|
|
136
|
+
[
|
|
137
|
+
{
|
|
138
|
+
"name": "body",
|
|
139
|
+
"in": "body",
|
|
140
|
+
"required": True
|
|
141
|
+
}
|
|
142
|
+
]
|
|
143
|
+
],
|
|
144
|
+
[
|
|
145
|
+
"GetScanReport",
|
|
146
|
+
"GET",
|
|
147
|
+
"/snapshots/entities/scanreports/v1",
|
|
148
|
+
"retrieve the scan report for an instance",
|
|
149
|
+
"cloud_snapshots",
|
|
150
|
+
[
|
|
151
|
+
{
|
|
152
|
+
"type": "array",
|
|
153
|
+
"items": {
|
|
154
|
+
"type": "string"
|
|
155
|
+
},
|
|
156
|
+
"collectionFormat": "csv",
|
|
157
|
+
"description": "the instance identifiers to fetch the report for",
|
|
158
|
+
"name": "ids",
|
|
159
|
+
"in": "query",
|
|
160
|
+
"required": True
|
|
161
|
+
}
|
|
162
|
+
]
|
|
163
|
+
]
|
|
164
|
+
]
|
|
@@ -120,6 +120,42 @@ _container_detections_endpoints = [
|
|
|
120
120
|
}
|
|
121
121
|
]
|
|
122
122
|
],
|
|
123
|
+
[
|
|
124
|
+
"GetRuntimeDetectionsCombinedV2",
|
|
125
|
+
"GET",
|
|
126
|
+
"/container-security/combined/runtime-detections/v2",
|
|
127
|
+
"Retrieve container runtime detections by the provided search criteria",
|
|
128
|
+
"container_detections",
|
|
129
|
+
[
|
|
130
|
+
{
|
|
131
|
+
"type": "string",
|
|
132
|
+
"description": "Filter Container Runtime Detections using a query in Falcon Query Language (FQL). "
|
|
133
|
+
"Supported filters: action_taken,aid,cid,cloud,cluster_name,command_line,computer_name,container_id,detect_tim"
|
|
134
|
+
"estamp,detection_description,detection_id,file_name,file_path,host_id,host_type,image_id,name,namespace,pod_na"
|
|
135
|
+
"me,severity,tactic",
|
|
136
|
+
"name": "filter",
|
|
137
|
+
"in": "query"
|
|
138
|
+
},
|
|
139
|
+
{
|
|
140
|
+
"type": "integer",
|
|
141
|
+
"description": "The upper-bound on the number of records to retrieve.",
|
|
142
|
+
"name": "limit",
|
|
143
|
+
"in": "query"
|
|
144
|
+
},
|
|
145
|
+
{
|
|
146
|
+
"type": "integer",
|
|
147
|
+
"description": "The offset from where to begin.",
|
|
148
|
+
"name": "offset",
|
|
149
|
+
"in": "query"
|
|
150
|
+
},
|
|
151
|
+
{
|
|
152
|
+
"type": "string",
|
|
153
|
+
"description": "The field to sort the records on.",
|
|
154
|
+
"name": "sort",
|
|
155
|
+
"in": "query"
|
|
156
|
+
}
|
|
157
|
+
]
|
|
158
|
+
],
|
|
123
159
|
[
|
|
124
160
|
"ReadDetections",
|
|
125
161
|
"GET",
|
|
@@ -250,8 +250,9 @@ _container_images_endpoints = [
|
|
|
250
250
|
{
|
|
251
251
|
"type": "string",
|
|
252
252
|
"description": "The fields to sort the records on. Supported columns: [base_os cid containers "
|
|
253
|
-
"detections firstScanned first_seen highest_detection_severity
|
|
254
|
-
"image_id last_seen layers_with_vulnerabilities packages registry
|
|
253
|
+
"detections firstScanned first_seen highest_cps_current_rating highest_detection_severity "
|
|
254
|
+
"highest_vulnerability_severity image_digest image_id last_seen layers_with_vulnerabilities packages registry "
|
|
255
|
+
"repository tag vulnerabilities]",
|
|
255
256
|
"name": "sort",
|
|
256
257
|
"in": "query"
|
|
257
258
|
}
|
|
@@ -533,6 +533,25 @@ _cspm_registration_endpoints = [
|
|
|
533
533
|
}
|
|
534
534
|
]
|
|
535
535
|
],
|
|
536
|
+
[
|
|
537
|
+
"DeleteCSPMAzureManagementGroup",
|
|
538
|
+
"DELETE",
|
|
539
|
+
"/cloud-connect-cspm-azure/entities/management-group/v1",
|
|
540
|
+
"Deletes Azure management groups from the system.",
|
|
541
|
+
"cspm_registration",
|
|
542
|
+
[
|
|
543
|
+
{
|
|
544
|
+
"type": "array",
|
|
545
|
+
"items": {
|
|
546
|
+
"type": "string"
|
|
547
|
+
},
|
|
548
|
+
"collectionFormat": "multi",
|
|
549
|
+
"description": "Tenant ids to remove",
|
|
550
|
+
"name": "tenant_ids",
|
|
551
|
+
"in": "query"
|
|
552
|
+
}
|
|
553
|
+
]
|
|
554
|
+
],
|
|
536
555
|
[
|
|
537
556
|
"GetCSPMAzureUserScriptsAttachment",
|
|
538
557
|
"GET",
|
|
@@ -718,6 +737,20 @@ _cspm_registration_endpoints = [
|
|
|
718
737
|
}
|
|
719
738
|
]
|
|
720
739
|
],
|
|
740
|
+
[
|
|
741
|
+
"GetCSPMGCPValidateAccountsExt",
|
|
742
|
+
"POST",
|
|
743
|
+
"/cloud-connect-cspm-gcp/entities/account/validate/v1",
|
|
744
|
+
"Run a synchronous health check.",
|
|
745
|
+
"cspm_registration",
|
|
746
|
+
[
|
|
747
|
+
{
|
|
748
|
+
"name": "body",
|
|
749
|
+
"in": "body",
|
|
750
|
+
"required": True
|
|
751
|
+
}
|
|
752
|
+
]
|
|
753
|
+
],
|
|
721
754
|
[
|
|
722
755
|
"GetCSPMGCPServiceAccountsExt",
|
|
723
756
|
"GET",
|
|
@@ -734,6 +767,20 @@ _cspm_registration_endpoints = [
|
|
|
734
767
|
}
|
|
735
768
|
]
|
|
736
769
|
],
|
|
770
|
+
[
|
|
771
|
+
"ValidateCSPMGCPServiceAccountExt",
|
|
772
|
+
"POST",
|
|
773
|
+
"/cloud-connect-cspm-gcp/entities/service-accounts/validate/v1",
|
|
774
|
+
"Validates credentials for a service account",
|
|
775
|
+
"cspm_registration",
|
|
776
|
+
[
|
|
777
|
+
{
|
|
778
|
+
"name": "body",
|
|
779
|
+
"in": "body",
|
|
780
|
+
"required": True
|
|
781
|
+
}
|
|
782
|
+
]
|
|
783
|
+
],
|
|
737
784
|
[
|
|
738
785
|
"GetCSPMGCPUserScriptsAttachment",
|
|
739
786
|
"GET",
|
|
@@ -944,8 +991,8 @@ _cspm_registration_endpoints = [
|
|
|
944
991
|
"GetConfigurationDetections",
|
|
945
992
|
"GET",
|
|
946
993
|
"/detects/entities/iom/v1",
|
|
947
|
-
"Get list of active misconfigurations. This endpoint is deprecated, please use
|
|
948
|
-
"GetConfigurationDetectionEntities instead",
|
|
994
|
+
"Get list of active misconfigurations. This endpoint is deprecated, please use "
|
|
995
|
+
"GetConfigurationDetectionIDsV2 and GetConfigurationDetectionEntities instead",
|
|
949
996
|
"cspm_registration",
|
|
950
997
|
[
|
|
951
998
|
{
|
|
@@ -384,6 +384,54 @@ _discover_endpoints = [
|
|
|
384
384
|
}
|
|
385
385
|
]
|
|
386
386
|
],
|
|
387
|
+
[
|
|
388
|
+
"query_iot_hostsV2",
|
|
389
|
+
"GET",
|
|
390
|
+
"/discover/queries/iot-hosts/v2",
|
|
391
|
+
"Search for IoT assets in your environment by providing an FQL (Falcon Query Language) filter and paging "
|
|
392
|
+
"details. Returns a set of asset IDs which match the filter criteria.",
|
|
393
|
+
"discover",
|
|
394
|
+
[
|
|
395
|
+
{
|
|
396
|
+
"type": "string",
|
|
397
|
+
"description": "A pagination token used with the `limit` parameter to manage pagination of results. On "
|
|
398
|
+
" your first request, don't provide an `after` token. On subsequent requests, provide the `after` token from "
|
|
399
|
+
"the previous response to continue from that place in the results.",
|
|
400
|
+
"name": "after",
|
|
401
|
+
"in": "query"
|
|
402
|
+
},
|
|
403
|
+
{
|
|
404
|
+
"maximum": 100,
|
|
405
|
+
"minimum": 1,
|
|
406
|
+
"type": "integer",
|
|
407
|
+
"description": "The number of asset IDs to return in this response (min: 1, max: 100, default: 100). "
|
|
408
|
+
"Use with the `after` parameter to manage pagination of results.",
|
|
409
|
+
"name": "limit",
|
|
410
|
+
"in": "query"
|
|
411
|
+
},
|
|
412
|
+
{
|
|
413
|
+
"type": "string",
|
|
414
|
+
"description": "Sort assets by their properties. A single sort field is allowed. Common sort options "
|
|
415
|
+
"include:\n\n<ul><li>hostname|asc</li><li>product_type_desc|desc</li></ul>",
|
|
416
|
+
"name": "sort",
|
|
417
|
+
"in": "query"
|
|
418
|
+
},
|
|
419
|
+
{
|
|
420
|
+
"type": "string",
|
|
421
|
+
"description": "Filter assets using an FQL query. Common filter options include:<ul><li>entity_type:'m "
|
|
422
|
+
"anaged'</li><li>product_type_desc:'Workstation'</li><li>platform_name:'Windows'</li><li>last_seen_timestamp:>' "
|
|
423
|
+
"now-7d'</li></ul>\n\t\t\tAvailable filter fields that support exact match: device_family, device_class, "
|
|
424
|
+
"device_type, device_mode, business_criticality, line_of_business, virtual_zone, subnet, purdue_level, vlan, "
|
|
425
|
+
"local_ip_addresses, mac_addresses, physical_connections_count, data_providers\n\t\t\tAvailable filter fields "
|
|
426
|
+
"that supports wildcard (*): device_family, device_class, device_type, device_mode, business_criticality, "
|
|
427
|
+
"line_of_business, virtual_zone, subnet, purdue_level, vlan, local_ip_addresses, mac_addresses, "
|
|
428
|
+
"data_providers\n\t\t\tAvailable filter fields that supports range comparisons (>, <, >=, <=): "
|
|
429
|
+
"physical_connections_count\n\t\t\tAll filter fields and operations supports negation (!).",
|
|
430
|
+
"name": "filter",
|
|
431
|
+
"in": "query"
|
|
432
|
+
}
|
|
433
|
+
]
|
|
434
|
+
],
|
|
387
435
|
[
|
|
388
436
|
"query_logins",
|
|
389
437
|
"GET",
|
|
@@ -177,6 +177,20 @@ _falcon_complete_dashboard_endpoints = [
|
|
|
177
177
|
}
|
|
178
178
|
]
|
|
179
179
|
],
|
|
180
|
+
[
|
|
181
|
+
"AggregateSupportIssues",
|
|
182
|
+
"POST",
|
|
183
|
+
"/falcon-complete-dashboards/aggregates/support-issues/v1",
|
|
184
|
+
"Retrieve aggregate support issue ticket values based on the matched filter",
|
|
185
|
+
"falcon_complete_dashboard",
|
|
186
|
+
[
|
|
187
|
+
{
|
|
188
|
+
"name": "body",
|
|
189
|
+
"in": "body",
|
|
190
|
+
"required": True
|
|
191
|
+
}
|
|
192
|
+
]
|
|
193
|
+
],
|
|
180
194
|
[
|
|
181
195
|
"AggregateTotalDeviceCounts",
|
|
182
196
|
"POST",
|
|
@@ -454,7 +454,7 @@ _filevantage_endpoints = [
|
|
|
454
454
|
"is not supported at this time)\n\n * `watch_permissions_file_changes` (`macOS` is not supported at this "
|
|
455
455
|
"time)\n\nWindows registry key and value monitoring: \n\n * `watch_create_key_changes`\n\n * "
|
|
456
456
|
"`watch_delete_key_changes`\n\n * `watch_rename_key_changes`\n\n * `watch_set_value_changes`\n\n * "
|
|
457
|
-
"`watch_delete_value_changes`\n\n * `watch_create_file_changes`",
|
|
457
|
+
"`watch_permissions_key_changes`\n\n * `watch_delete_value_changes`\n\n * `watch_create_file_changes`",
|
|
458
458
|
"name": "body",
|
|
459
459
|
"in": "body",
|
|
460
460
|
"required": True
|