Details

This atomic belongs to the CrowdStrike atomic group.

This atomic fetches information about combined alerts from CrowdStrike, returning the alert details that match a filter.

Target: CrowdStrike integration target or an HTTP Endpoint for "api.crowdstrike.com"

Account Key: None if using an integration-provided target, access token if using an HTTP Endpoint target

Steps:

  • Build the authorization header
  • Build the request payload
  • Search combined alerts
  • Check if the API request succeeded:
    • If it did, check if the alert was found and set the output variable
    • If it didn't, output an error
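The four steps above, worked through as an added Python example; this is not the atomic's own code and not Cisco's or CrowdStrike's. It assumes an HTTP Endpoint target with a bearer access token, and the endpoint path `/alerts/combined/alerts/v1` on `api.crowdstrike.com` is an assumption not stated on this page. The HTTP call is injected as a function so the flow (header, payload, request, success check) can be exercised offline against a constructed response; `urllib_post` is a hypothetical helper for live use.

```python
import json
import urllib.request
from typing import Any, Callable, Dict, Optional, Tuple

CROWDSTRIKE_BASE_URL = "https://api.crowdstrike.com"
# Assumption: endpoint path for the combined alerts search (not given on the page).
COMBINED_ALERTS_PATH = "/alerts/combined/alerts/v1"

# A poster takes (url, headers, json_body) and returns (http_status, response_text).
HttpPost = Callable[[str, Dict[str, str], Dict[str, Any]], Tuple[int, str]]


def build_authorization_header(access_token: str) -> Dict[str, str]:
    """Step 1: bearer-token header for an HTTP Endpoint target (the account key)."""
    if not access_token or not access_token.strip():
        raise ValueError("access token must be non-empty for an HTTP Endpoint target")
    return {
        "Authorization": f"Bearer {access_token.strip()}",
        "Content-Type": "application/json",
        "Accept": "application/json",
    }


def build_request_payload(filter_expr: str, limit: int = 100,
                          sort: Optional[str] = None) -> Dict[str, Any]:
    """Step 2: request body with an FQL filter, page size and optional sort."""
    if not filter_expr:
        raise ValueError("a filter expression is required")
    if not 1 <= limit <= 10000:
        raise ValueError("limit must be between 1 and 10000")
    payload: Dict[str, Any] = {"filter": filter_expr, "limit": limit}
    if sort:
        payload["sort"] = sort
    return payload


def interpret_response(status: int, body_text: str) -> Dict[str, Any]:
    """Step 4: on success, report whether alerts were found and expose them as the
    output variable; otherwise surface the API's error messages."""
    try:
        body = json.loads(body_text) if body_text else {}
    except ValueError:
        body = {}
    if not 200 <= status < 300:
        messages = [str(e.get("message", "")) for e in body.get("errors", [])]
        detail = "; ".join(m for m in messages if m) or body_text[:200]
        return {"succeeded": False, "error": f"HTTP {status}: {detail}"}
    alerts = body.get("resources") or []
    return {"succeeded": True, "found": len(alerts) > 0, "alerts": alerts}


def search_combined_alerts(post: HttpPost, access_token: str, filter_expr: str,
                           limit: int = 100) -> Dict[str, Any]:
    """Step 3 wired to steps 1, 2 and 4: run the combined alerts search."""
    headers = build_authorization_header(access_token)
    payload = build_request_payload(filter_expr, limit)
    status, text = post(CROWDSTRIKE_BASE_URL + COMBINED_ALERTS_PATH, headers, payload)
    return interpret_response(status, text)


def urllib_post(url: str, headers: Dict[str, str], body: Dict[str, Any]) -> Tuple[int, str]:
    """Hypothetical live poster using only the standard library (not run offline)."""
    req = urllib.request.Request(url, data=json.dumps(body).encode(), headers=headers, method="POST")
    try:
        with urllib.request.urlopen(req, timeout=30) as resp:
            return resp.status, resp.read().decode()
    except urllib.error.HTTPError as err:
        return err.code, err.read().decode()


# Constructed stand-in for the API so the flow runs offline: rejects requests
# without a bearer header and otherwise returns one constructed alert.
SAMPLE_RESPONSE = {
    "meta": {"query_time": 0.01},
    "resources": [{"composite_id": "example-composite-id-0001", "severity_name": "High",
                   "status": "new", "tactic": "Credential Access"}],
    "errors": [],
}


def fake_post(url: str, headers: Dict[str, str], body: Dict[str, Any]) -> Tuple[int, str]:
    if not headers.get("Authorization", "").startswith("Bearer "):
        return 401, json.dumps({"errors": [{"code": 401, "message": "access denied, authorization failed"}]})
    if not url.endswith(COMBINED_ALERTS_PATH) or "filter" not in body:
        return 400, json.dumps({"errors": [{"code": 400, "message": "invalid request"}]})
    return 200, json.dumps(SAMPLE_RESPONSE)


if __name__ == "__main__":
    print(search_combined_alerts(fake_post, "example-token", "status:'new'", limit=10))
```

For a live run, pass `urllib_post` in place of `fake_post` together with a real access token; the result dictionary is the atomic's output variable on success and carries the API's error text otherwise.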

More information about this API can be found in the CrowdStrike documentation.

About
Authorship
Cisco Managed