diff --git a/README.md b/README.md index e33f6a9..7626a4a 100644 --- a/README.md +++ b/README.md @@ -8,6 +8,11 @@ Detection findings and audit events generated by CrowdStrike Falcon platform inf This project facilitates the export of the individual detections and audit events from CrowdStrike Falcon to third-party security dashboards (so called backends). The export is useful in cases where security operation team workflows are tied to given third-party solution to get early real-time heads-up about malicious activities or unusual user activities detected by CrowdStrike Falcon platform. +## Python Compatibility + +> [!IMPORTANT] +> Compatible with Python versions 3.7 through 3.11 + ## API Scopes API clients are granted one or more API scopes. Scopes allow access to specific CrowdStrike APIs and describe the actions that an API client can perform. @@ -137,37 +142,81 @@ To install as a container: docker logs ``` +### From the Python Package Index (PyPI) + +> [!IMPORTANT] +> Falcon Integration Gateway (FIG) versions below 3.2.1 on PyPI are broken and will not install correctly. Please ensure you install version 3.2.1 or higher from PyPI. + +1. Install the package using pip: + + ```bash + python3 -m pip install falcon-integration-gateway + ``` + +1. Once installed, create a configuration file or set your environment variables according to the [CONFIG](./config/config.ini) options before running the application. Example `config.ini` for the GENERIC backend: + + ```ini + [main] + backends = GENERIC + + [events] + older_than_days_threshold = 5 + + [logging] + level = DEBUG + + [falcon] + cloud_region = us-1 + client_id = ABCD + client_secret = ABCD + application_id = my-generic-id + ``` + +1. Run the application: + + ```bash + python3 -m fig + ``` + +#### Updating the FIG from PyPI + +To update the FIG package from PyPI, run: + +```bash +python3 -m pip install --upgrade falcon-integration-gateway +``` + ### From Git Repository > [!NOTE] > This method requires Python 3.7 or higher and a python package manager such as `pip` to be installed on your system. -1. Clone and navigate to the repository +1. Clone and navigate to the repository: ```bash git clone https://github.com/CrowdStrike/falcon-integration-gateway.git cd falcon-integration-gateway ``` -1. Install the python dependencies. +1. Install the python dependencies: ```bash - pip3 install -r requirements.txt + python3 -m pip install -r requirements.txt ``` 1. Modify the `./config/config.ini` file with your configuration options or set the associated environment variables. -1. Run the application +1. Run the application: ```bash python3 -m fig ``` -### Updating the FIG from the Git Repository +#### Updating the FIG from the Git Repository Depending on which configuration method you are using, follow the steps below to update the FIG from the Git repository. -#### config.ini +##### config.ini If you have made any changes to the `config.ini` file, you can update the FIG by following these steps: