From ae59d71bfa4039f6f835db83d23aade29eb1e744 Mon Sep 17 00:00:00 2001
From: "ruturaj.jain.ctr"
Date: Mon, 18 Nov 2024 20:58:06 +0530
Subject: [PATCH 1/3] Added new actions in crowdstrike falcon
---
 .../app-central/integrations/crowdstrike-falcon.md | 11 +++++++++--
 1 file changed, 9 insertions(+), 2 deletions(-)
diff --git a/docs/platform-services/automation-service/app-central/integrations/crowdstrike-falcon.md b/docs/platform-services/automation-service/app-central/integrations/crowdstrike-falcon.md
index 78e2d886e2..d31ba0930b 100644
--- a/docs/platform-services/automation-service/app-central/integrations/crowdstrike-falcon.md
+++ b/docs/platform-services/automation-service/app-central/integrations/crowdstrike-falcon.md
@@ -7,8 +7,8 @@ import useBaseUrl from '@docusaurus/useBaseUrl';
 crowdstrike-falcon
-***Version: 1.10
-Updated: Oct 16, 2024***
+***Version: 1.11
+Updated: Nov 18, 2024***
 The CrowdStrike Falcon integration allows you to pull and update Detections/Incidents, and search Incidents/Devices/Detections.
@@ -29,6 +29,9 @@ The CrowdStrike Falcon integration allows you to pull and update Detections/Inci
 * **Search into Incidents** *(Enrichment)* - Search for incidents by providing an FQL filter, sorting, and paging
 details.
 * **Update Detections** *(Containment)* - Modify the state or assignee of Detections.
+* **Update Alerts** *(Containment)* - Perform actions on Alerts identified by composite ID(s) in request.
+* **Search into Alerts** *(Enrichment)* - Retrieves all Alerts ids that match a given query.
+* **Alerts CrowdStrike Falcon Daemon** *(Containment)* - Daemon to pull CrowdStrike Alerts.
 ## Category
@@ -56,3 +59,7 @@ EDR
 * October 16, 2024 (v1.10) - Added new actions
 + Create Indicators
 + Get Indicators
+* November 18, 2024 (v1.11) - Added new actions
+ + Update Alerts
+ + Search into Alerts
+ + Alerts CrowdStrike Falcon Daemon
From f7f1b046f4460af2abbe69f6bcee99ca3219c9c1 Mon Sep 17 00:00:00 2001
From: "ruturaj.jain.ctr"
Date: Thu, 28 Nov 2024 15:21:52 +0530
Subject: [PATCH 2/3] changed version and date
---
 .../app-central/integrations/crowdstrike-falcon.md | 8 ++++----
 1 file changed, 4 insertions(+), 4 deletions(-)
diff --git a/docs/platform-services/automation-service/app-central/integrations/crowdstrike-falcon.md b/docs/platform-services/automation-service/app-central/integrations/crowdstrike-falcon.md
index d31ba0930b..c107ecc647 100644
--- a/docs/platform-services/automation-service/app-central/integrations/crowdstrike-falcon.md
+++ b/docs/platform-services/automation-service/app-central/integrations/crowdstrike-falcon.md
@@ -7,8 +7,8 @@ import useBaseUrl from '@docusaurus/useBaseUrl';
 crowdstrike-falcon
-***Version: 1.11
-Updated: Nov 18, 2024***
+***Version: 1.12
+Updated: Nov 28, 2024***
 The CrowdStrike Falcon integration allows you to pull and update Detections/Incidents, and search Incidents/Devices/Detections.
@@ -31,7 +31,7 @@ The CrowdStrike Falcon integration allows you to pull and update Detections/Inci
 * **Update Detections** *(Containment)* - Modify the state or assignee of Detections.
 * **Update Alerts** *(Containment)* - Perform actions on Alerts identified by composite ID(s) in request.
 * **Search into Alerts** *(Enrichment)* - Retrieves all Alerts ids that match a given query.
-* **Alerts CrowdStrike Falcon Daemon** *(Containment)* - Daemon to pull CrowdStrike Alerts.
+* **Alerts CrowdStrike Falcon Daemon** *(Daemon)* - Daemon to pull CrowdStrike Alerts.
 ## Category
@@ -59,7 +59,7 @@ EDR
 * October 16, 2024 (v1.10) - Added new actions
 + Create Indicators
 + Get Indicators
-* November 18, 2024 (v1.11) - Added new actions
+* November 28, 2024 (v1.12) - Added new actions
 + Update Alerts
 + Search into Alerts
 + Alerts CrowdStrike Falcon Daemon
From 0d344f12623f84adab9f9fed89829363481b181e Mon Sep 17 00:00:00 2001
From: Ruturaj Jain <171145014+ruturajsumo@users.noreply.github.com>
Date: Mon, 2 Dec 2024 10:56:09 +0530
Subject: [PATCH 3/3] Update docs/platform-services/automation-service/app-central/integrations/crowdstrike-falcon.md
Co-authored-by: Kim (Sumo Logic) <56411016+kimsauce@users.noreply.github.com>
---
 .../app-central/integrations/crowdstrike-falcon.md | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/docs/platform-services/automation-service/app-central/integrations/crowdstrike-falcon.md b/docs/platform-services/automation-service/app-central/integrations/crowdstrike-falcon.md
index c107ecc647..312ffa1288 100644
--- a/docs/platform-services/automation-service/app-central/integrations/crowdstrike-falcon.md
+++ b/docs/platform-services/automation-service/app-central/integrations/crowdstrike-falcon.md
@@ -30,7 +30,7 @@ The CrowdStrike Falcon integration allows you to pull and update Detections/Inci
 details.
 * **Update Detections** *(Containment)* - Modify the state or assignee of Detections.
 * **Update Alerts** *(Containment)* - Perform actions on Alerts identified by composite ID(s) in request.
-* **Search into Alerts** *(Enrichment)* - Retrieves all Alerts ids that match a given query.
+* **Search into Alerts** *(Enrichment)* - Retrieves all Alerts IDs that match a given query.
 * **Alerts CrowdStrike Falcon Daemon** *(Daemon)* - Daemon to pull CrowdStrike Alerts.
 ## Category