Sensor Update Policy
| Operation ID | Description | ||||
|---|---|---|---|---|---|
|
Reveals an uninstall token for a specific device. To retrieve the bulk maintenance token pass the value 'MAINTENANCE' as the value for 'device_id' | ||||
|
Retrieve available builds for use with Sensor Update Policies | ||||
|
Search for members of a Sensor Update Policy in your environment by providing an FQL filter and paging details. Returns a set of host details which match the filter criteria | ||||
|
Search for Sensor Update Policies in your environment by providing an FQL filter and paging details. Returns a set of Sensor Update Policies which match the filter criteria | ||||
|
Search for Sensor Update Policies with additional support for uninstall protection in your environment by providing an FQL filter and paging details. Returns a set of Sensor Update Policies which match the filter criteria | ||||
|
Perform the specified action on the Sensor Update Policies specified in the request | ||||
|
Sets the precedence of Sensor Update Policies based on the order of IDs specified in the request. The first ID specified will have the highest precedence and the last ID specified will have the lowest. You must specify all non-Default Policies for a platform when updating precedence | ||||
|
Retrieve a set of Sensor Update Policies by specifying their IDs | ||||
|
Create Sensor Update Policies by specifying details about the policy to create | ||||
|
Delete a set of Sensor Update Policies by specifying their IDs | ||||
|
Update Sensor Update Policies by specifying the ID of the policy and details to update | ||||
|
Retrieve a set of Sensor Update Policies with additional support for uninstall protection by specifying their IDs | ||||
|
Create Sensor Update Policies by specifying details about the policy to create with additional support for uninstall protection | ||||
|
Update Sensor Update Policies by specifying the ID of the policy and details to update with additional support for uninstall protection | ||||
|
Search for members of a Sensor Update Policy in your environment by providing an FQL filter and paging details. Returns a set of Agent IDs which match the filter criteria | ||||
|
Search for Sensor Update Policies in your environment by providing an FQL filter and paging details. Returns a set of Sensor Update Policy IDs which match the filter criteria | ||||
Reveals an uninstall token for a specific device or the bulk maintenace token.
To retrieve the bulk maintenance token pass the value MAINTENANCE as the value for device_id.
reveal_uninstall_token
- Produces: application/json
| Name | Service | Uber | Type | Datatype | Description |
|---|---|---|---|---|---|
| audit_message |
 |
 |
body | string | Message to list in the audit log for this action. |
| body |
|
 |
body | string | Full body payload in JSON format. |
| device_id |
|
|
body | string | Device ID to retrieve the uninstall token for. Pass the value MAINTENANCE here to retrieve the bulk maintenance token. |
from falconpy import SensorUpdatePolicy
falcon = SensorUpdatePolicy(client_id="API_CLIENT_ID_HERE",
client_secret="API_CLIENT_SECRET_HERE"
)
response = falcon.reveal_uninstall_token(audit_message="string",
device_id="string"
)
print(response)from falconpy import SensorUpdatePolicy
falcon = SensorUpdatePolicy(client_id="API_CLIENT_ID_HERE",
client_secret="API_CLIENT_SECRET_HERE"
)
response = falcon.revealUninstallToken(audit_message="string",
device_id="string"
)
print(response)from falconpy import APIHarness
falcon = APIHarness(client_id="API_CLIENT_ID_HERE",
client_secret="API_CLIENT_SECRET_HERE"
)
BODY = {
"audit_message": "string",
"device_id": "string"
}
response = falcon.command("revealUninstallToken", body=BODY)
print(response)Retrieve available builds for use with Sensor Update Policies
query_combined_builds
- Produces: application/json
| Name | Service | Uber | Type | Datatype | Description |
|---|---|---|---|---|---|
| platform |
|
|
query | string | The platform to return builds for. Allowed values:
|
| parameters |
|
|
query | string | Full query string parameters payload in JSON format. |
from falconpy import SensorUpdatePolicy
falcon = SensorUpdatePolicy(client_id="API_CLIENT_ID_HERE",
client_secret="API_CLIENT_SECRET_HERE"
)
response = falcon.query_combined_builds(platform="string")
print(response)from falconpy import SensorUpdatePolicy
falcon = SensorUpdatePolicy(client_id="API_CLIENT_ID_HERE",
client_secret="API_CLIENT_SECRET_HERE"
)
response = falcon.queryCombinedSensorUpdateBuilds(platform="string")
print(response)from falconpy import APIHarness
falcon = APIHarness(client_id="API_CLIENT_ID_HERE",
client_secret="API_CLIENT_SECRET_HERE"
)
response = falcon.command("queryCombinedSensorUpdateBuilds", platform="string")
print(response)Search for members of a Sensor Update Policy in your environment by providing an FQL filter and paging details. Returns a set of host details which match the filter criteria
query_combined_policy_members
- Produces: application/json
| Name | Service | Uber | Type | Datatype | Description |
|---|---|---|---|---|---|
| id |
|
|
query | string | The ID of the Sensor Update Policy to search for members of. |
| filter |
|
|
query | string | The filter expression that should be used to limit the results using FQL syntax. |
| limit |
|
|
query | integer | The maximum number of records to return. [1-5000] |
| offset |
|
|
query | integer | The offset to start retrieving records from. |
| parameters |
|
|
query | string | Full query string parameters payload in JSON format. |
| sort |
|
|
query | string | The property to sort by in FQL syntax. |
from falconpy import SensorUpdatePolicy
falcon = SensorUpdatePolicy(client_id="API_CLIENT_ID_HERE",
client_secret="API_CLIENT_SECRET_HERE"
)
response = falcon.query_combined_policy_members(id="string",
filter="string",
offset=integer,
limit=integer,
sort="string"
)
print(response)from falconpy import SensorUpdatePolicy
falcon = SensorUpdatePolicy(client_id="API_CLIENT_ID_HERE",
client_secret="API_CLIENT_SECRET_HERE"
)
response = falcon.queryCombinedSensorUpdatePolicyMembers(id="string",
filter="string",
offset=integer,
limit=integer,
sort="string"
)
print(response)from falconpy import APIHarness
falcon = APIHarness(client_id="API_CLIENT_ID_HERE",
client_secret="API_CLIENT_SECRET_HERE"
)
response = falcon.command("queryCombinedSensorUpdatePolicyMembers",
id="string",
filter="string",
offset=integer,
limit=integer,
sort="string"
)
print(response)Search for Sensor Update Policies in your environment by providing an FQL filter and paging details. Returns a set of Sensor Update Policies which match the filter criteria
query_combined_policies
- Produces: application/json
| Name | Service | Uber | Type | Datatype | Description |
|---|---|---|---|---|---|
| filter |
|
|
query | string | The filter expression that should be used to limit the results using FQL syntax. |
| limit |
|
|
query | integer | The maximum number of records to return. [1-5000] |
| offset |
|
|
query | integer | The offset to start retrieving records from. |
| parameters |
|
|
query | string | Full query string parameters payload in JSON format. |
| sort |
|
|
query | string | The property to sort by in FQL syntax. |
from falconpy import SensorUpdatePolicy
falcon = SensorUpdatePolicy(client_id="API_CLIENT_ID_HERE",
client_secret="API_CLIENT_SECRET_HERE"
)
response = falcon.query_combined_policies(filter="string",
offset=integer,
limit=integer,
sort="string"
)
print(response)from falconpy import SensorUpdatePolicy
falcon = SensorUpdatePolicy(client_id="API_CLIENT_ID_HERE",
client_secret="API_CLIENT_SECRET_HERE"
)
response = falcon.queryCombinedSensorUpdatePolicies(filter="string",
offset=integer,
limit=integer,
sort="string"
)
print(response)from falconpy import APIHarness
falcon = APIHarness(client_id="API_CLIENT_ID_HERE",
client_secret="API_CLIENT_SECRET_HERE"
)
response = falcon.command("queryCombinedSensorUpdatePolicies",
filter="string",
offset=integer,
limit=integer,
sort="string"
)
print(response)Search for Sensor Update Policies with additional support for uninstall protection in your environment by providing an FQL filter and paging details. Returns a set of Sensor Update Policies which match the filter criteria
query_combined_policies_v2
- Produces: application/json
| Name | Service | Uber | Type | Datatype | Description |
|---|---|---|---|---|---|
| filter |
|
|
query | string | The filter expression that should be used to limit the results using FQL syntax. |
| limit |
|
|
query | integer | The maximum number of records to return. [1-5000] |
| offset |
|
|
query | integer | The offset to start retrieving records from. |
| parameters |
|
|
query | string | Full query string parameters payload in JSON format. |
| sort |
|
|
query | string | The property to sort by in FQL syntax. |
from falconpy import SensorUpdatePolicy
falcon = SensorUpdatePolicy(client_id="API_CLIENT_ID_HERE",
client_secret="API_CLIENT_SECRET_HERE"
)
response = falcon.query_combined_policies_v2(filter="string",
offset=integer,
limit=integer,
sort="string"
)
print(response)from falconpy import SensorUpdatePolicy
falcon = SensorUpdatePolicy(client_id="API_CLIENT_ID_HERE",
client_secret="API_CLIENT_SECRET_HERE"
)
response = falcon.queryCombinedSensorUpdatePoliciesV2(filter="string",
offset=integer,
limit=integer,
sort="string"
)
print(response)from falconpy import APIHarness
falcon = APIHarness(client_id="API_CLIENT_ID_HERE",
client_secret="API_CLIENT_SECRET_HERE"
)
response = falcon.command("queryCombinedSensorUpdatePoliciesV2",
filter="string",
offset=integer,
limit=integer,
sort="string"
)
print(response)Perform the specified action on the Sensor Update Policies specified in the request
perform_policies_action
- Produces: application/json
| Name | Service | Uber | Type | Datatype | Description |
|---|---|---|---|---|---|
| action_name |
|
|
query | string | Specify one of these actions:
|
| action_parameters |
|
|
body | list of dictionaries | Action specific parameter options. { "name": "string", "value": "string" } |
| body |
|
|
body | string | Full body payload in JSON format. |
| ids |
|
|
body | string or list of strings | The ID of the Sensor Update Policy you want to impact. If you provide IDs to the method using this keyword, you do not have to provide a body payload. (Service class usage only) |
| parameters |
|
|
query | string | Full query string parameters payload in JSON format. |
from falconpy import SensorUpdatePolicy
falcon = SensorUpdatePolicy(client_id="API_CLIENT_ID_HERE",
client_secret="API_CLIENT_SECRET_HERE"
)
act_params = {
"name": "string",
"value": "string"
}
id_list = 'ID1,ID2,ID3' # Can also pass a list here: ['ID1', 'ID2', 'ID3']
response = falcon.perform_policies_action(action_name="string",
action_parameters=act_params,
ids=id_list
)
print(response)from falconpy import SensorUpdatePolicy
falcon = SensorUpdatePolicy(client_id="API_CLIENT_ID_HERE",
client_secret="API_CLIENT_SECRET_HERE"
)
act_params = [{
"name": "string",
"value": "string"
}]
id_list = 'ID1,ID2,ID3' # Can also pass a list here: ['ID1', 'ID2', 'ID3']
response = falcon.performSensorUpdatePoliciesAction(action_name="string",
action_parameters=act_params,
ids=id_list
)
print(response)from falconpy import APIHarness
falcon = APIHarness(client_id="API_CLIENT_ID_HERE",
client_secret="API_CLIENT_SECRET_HERE"
)
id_list = ['ID1', 'ID2', 'ID3']
BODY = {
"action_parameters": [
{
"name": "string",
"value": "string"
}
],
"ids": id_list
}
response = falcon.command("performSensorUpdatePoliciesAction", action_name="string", body=BODY)
print(response)
# Can also use the following syntax
response = falcon.command("performSensorUpdatePoliciesAction",
action_name="string",
parameters=PARAMS,
body=BODY
)
print(response)Sets the precedence of Sensor Update Policies based on the order of IDs specified in the request. The first ID specified will have the highest precedence and the last ID specified will have the lowest. You must specify all non-Default Policies for a platform when updating precedence
set_policies_precedence
- Produces: application/json
| Name | Service | Uber | Type | Datatype | Description |
|---|---|---|---|---|---|
| body |
|
|
body | string | Full body payload in JSON format. |
| ids |
|
|
body | string or list of strings | The ID of the Sensor Update Policy you want to impact. If you provide IDs to the method using this keyword, you do not have to provide a body payload. (Service class usage only) |
| platform_name |
|
|
body | string | Operating System platform name. |
from falconpy import SensorUpdatePolicy
falcon = SensorUpdatePolicy(client_id="API_CLIENT_ID_HERE",
client_secret="API_CLIENT_SECRET_HERE"
)
id_list = 'ID1,ID2,ID3' # Can also pass a list here: ['ID1', 'ID2', 'ID3']
response = falcon.set_policies_precedence(ids=id_list, platform_name="string")
print(response)from falconpy import SensorUpdatePolicy
falcon = SensorUpdatePolicy(client_id="API_CLIENT_ID_HERE",
client_secret="API_CLIENT_SECRET_HERE"
)
id_list = 'ID1,ID2,ID3' # Can also pass a list here: ['ID1', 'ID2', 'ID3']
response = falcon.setSensorUpdatePoliciesPrecedence(ids=id_list, platform_name="string")
print(response)from falconpy import APIHarness
falcon = APIHarness(client_id="API_CLIENT_ID_HERE",
client_secret="API_CLIENT_SECRET_HERE"
)
id_list = ['ID1', 'ID2', 'ID3']
BODY = {
"ids": id_list,
"platform_name": "Windows"
}
response = falcon.command("setSensorUpdatePoliciesPrecedence", body=BODY)
print(response)Retrieve a set of Sensor Update Policies by specifying their IDs
get_policies
- Produces: application/json
| Name | Service | Uber | Type | Datatype | Description |
|---|---|---|---|---|---|
| ids |
|
|
query | string or list of strings | The IDs of the Sensor Update Policy to retrieve. |
| parameters |
|
|
query | string | Full query string parameters payload in JSON format. |
from falconpy import SensorUpdatePolicy
falcon = SensorUpdatePolicy(client_id="API_CLIENT_ID_HERE",
client_secret="API_CLIENT_SECRET_HERE"
)
id_list = 'ID1,ID2,ID3' # Can also pass a list here: ['ID1', 'ID2', 'ID3']
response = falcon.get_policies(ids=id_list)
print(response)from falconpy import SensorUpdatePolicy
falcon = SensorUpdatePolicy(client_id="API_CLIENT_ID_HERE",
client_secret="API_CLIENT_SECRET_HERE"
)
id_list = 'ID1,ID2,ID3' # Can also pass a list here: ['ID1', 'ID2', 'ID3']
response = falcon.getSensorUpdatePolicies(ids=id_list)
print(response)from falconpy import APIHarness
falcon = APIHarness(client_id="API_CLIENT_ID_HERE",
client_secret="API_CLIENT_SECRET_HERE"
)
id_list = 'ID1,ID2,ID3' # Can also pass a list here: ['ID1', 'ID2', 'ID3']
response = falcon.command("getSensorUpdatePolicies", ids=id_list)
print(response)Create Sensor Update Policies by specifying details about the policy to create
create_policies
- Produces: application/json
| Name | Service | Uber | Type | Datatype | Description |
|---|---|---|---|---|---|
| body |
|
|
body | string | Full body payload in JSON format. |
| build |
|
|
body | string | Build this Sensor update policy applies to. |
| description |
|
|
body | string | Sensor update policy description. |
| name |
|
|
body | string | Name of the Sensor Update policy. |
| platform_name |
|
|
body | string | Name of the OS platform the Sensor Update policy applies to. |
| settings |
|
|
body | dictionary | Sensor Update policy specific settings. Overrides the value of build if present.{ "build": "string" } |
from falconpy import SensorUpdatePolicy
falcon = SensorUpdatePolicy(client_id="API_CLIENT_ID_HERE",
client_secret="API_CLIENT_SECRET_HERE"
)
response = falcon.create_policies(build="string",
description="string",
name="string",
platform_name="string"
)
print(response)from falconpy import SensorUpdatePolicy
falcon = SensorUpdatePolicy(client_id="API_CLIENT_ID_HERE",
client_secret="API_CLIENT_SECRET_HERE"
)
response = falcon.createSensorUpdatePolicies(build="string",
description="string",
name="string",
platform_name="string"
)
print(response)from falconpy import APIHarness
falcon = APIHarness(client_id="API_CLIENT_ID_HERE",
client_secret="API_CLIENT_SECRET_HERE"
)
BODY = {
"resources": [
{
"description": "string",
"name": "string",
"platform_name": "string",
"settings": {
"build": "string"
}
}
]
}
response = falcon.command("createSensorUpdatePolicies", body=BODY)
print(response)Delete a set of Sensor Update Policies by specifying their IDs
delete_policies
- Produces: application/json
| Name | Service | Uber | Type | Datatype | Description |
|---|---|---|---|---|---|
| ids |
|
|
query | string or list of strings | The IDs of the Sensor Update policies to delete. |
| parameters |
|
|
query | string | Full query string parameters payload in JSON format. |
from falconpy import SensorUpdatePolicy
falcon = SensorUpdatePolicy(client_id="API_CLIENT_ID_HERE",
client_secret="API_CLIENT_SECRET_HERE"
)
id_list = 'ID1,ID2,ID3' # Can also pass a list here: ['ID1', 'ID2', 'ID3']
response = falcon.delete_policies(ids=id_list)
print(response)from falconpy import SensorUpdatePolicy
falcon = SensorUpdatePolicy(client_id="API_CLIENT_ID_HERE",
client_secret="API_CLIENT_SECRET_HERE"
)
id_list = 'ID1,ID2,ID3' # Can also pass a list here: ['ID1', 'ID2', 'ID3']
response = falcon.deleteSensorUpdatePolicies(ids=id_list)
print(response)from falconpy import APIHarness
falcon = APIHarness(client_id="API_CLIENT_ID_HERE",
client_secret="API_CLIENT_SECRET_HERE"
)
id_list = 'ID1,ID2,ID3' # Can also pass a list here: ['ID1', 'ID2', 'ID3']
response = falcon.command("deleteSensorUpdatePolicies", ids=id_list)
print(response)Update Sensor Update Policies by specifying the ID of the policy and details to update
update_policies
- Produces: application/json
| Name | Service | Uber | Type | Datatype | Description |
|---|---|---|---|---|---|
| body |
|
|
body | string | Full body payload in JSON format. |
| build |
|
|
body | string | Build this Sensor update policy applies to. |
| description |
|
|
body | string | Sensor update policy description. |
| id |
|
|
body | string | ID the Sensor Update policy to update. |
| name |
|
|
body | string | Name of the Sensor Update policy. |
| settings |
|
|
body | dictionary | Sensor Update policy specific settings. Overrides the value of build if present.{ "build": "string" } |
from falconpy import SensorUpdatePolicy
falcon = SensorUpdatePolicy(client_id="API_CLIENT_ID_HERE",
client_secret="API_CLIENT_SECRET_HERE"
)
response = falcon.update_policies(build="string",
description="string",
name="string",
id="string"
)
print(response)from falconpy import SensorUpdatePolicy
falcon = SensorUpdatePolicy(client_id="API_CLIENT_ID_HERE",
client_secret="API_CLIENT_SECRET_HERE"
)
BODY = {
"Body Payload": "See body description above"
}
response = falcon.updateSensorUpdatePolicies(build="string",
description="string",
name="string",
id="string"
)
print(response)from falconpy import APIHarness
falcon = APIHarness(client_id="API_CLIENT_ID_HERE",
client_secret="API_CLIENT_SECRET_HERE"
)
BODY = {
"resources": [
{
"description": "string",
"id": "string",
"name": "string",
"settings": {
"build": "string"
}
}
]
}
response = falcon.command("updateSensorUpdatePolicies", body=BODY)
print(response)Retrieve a set of Sensor Update Policies with additional support for uninstall protection by specifying their IDs
get_policies_v2
- Produces: application/json
| Name | Service | Uber | Type | Datatype | Description |
|---|---|---|---|---|---|
| ids |
|
|
query | string or list of strings | The IDs of the Sensor Update policies to retrieve. |
| parameters |
|
|
query | string | Full query string parameters payload in JSON format. |
from falconpy import SensorUpdatePolicy
falcon = SensorUpdatePolicy(client_id="API_CLIENT_ID_HERE",
client_secret="API_CLIENT_SECRET_HERE"
)
id_list = 'ID1,ID2,ID3' # Can also pass a list here: ['ID1', 'ID2', 'ID3']
response = falcon.get_policies_v2(ids=id_list)
print(response)from falconpy import SensorUpdatePolicy
falcon = SensorUpdatePolicy(client_id="API_CLIENT_ID_HERE",
client_secret="API_CLIENT_SECRET_HERE"
)
id_list = 'ID1,ID2,ID3' # Can also pass a list here: ['ID1', 'ID2', 'ID3']
response = falcon.getSensorUpdatePoliciesV2(ids=id_list)
print(response)from falconpy import APIHarness
falcon = APIHarness(client_id="API_CLIENT_ID_HERE",
client_secret="API_CLIENT_SECRET_HERE"
)
id_list = 'ID1,ID2,ID3' # Can also pass a list here: ['ID1', 'ID2', 'ID3']
response = falcon.command("getSensorUpdatePoliciesV2", ids=id_list)
print(response)Create Sensor Update Policies by specifying details about the policy to create with additional support for uninstall protection
create_policies_v2
- Produces: application/json
| Name | Service | Uber | Type | Datatype | Description |
|---|---|---|---|---|---|
| body |
|
|
body | string | Full body payload in JSON format. |
| build |
|
|
body | string | Build this Sensor update policy applies to. |
| description |
|
|
body | string | Sensor update policy description. |
| name |
|
|
body | string | Name of the Sensor Update policy. |
| platform_name |
|
|
body | string | Name of the OS platform the Sensor Update policy applies to. |
| settings |
|
|
body | dictionary | Sensor Update policy specific settings. Overrides the value of build if present.{ "build": "string" } |
| uninstall_protection |
|
|
body | string | Boolean indicating if uninstall protection should be enabled. Allowed values:
|
from falconpy import SensorUpdatePolicy
falcon = SensorUpdatePolicy(client_id="API_CLIENT_ID_HERE",
client_secret="API_CLIENT_SECRET_HERE"
)
response = falcon.create_policies_v2(build="string",
description="string",
name="string",
platform_name="string",
uninstall_protection="ENABLED"
)
print(response)from falconpy import SensorUpdatePolicy
falcon = SensorUpdatePolicy(client_id="API_CLIENT_ID_HERE",
client_secret="API_CLIENT_SECRET_HERE"
)
response = falcon.createSensorUpdatePoliciesV2(build="string",
description="string",
name="string",
platform_name="string",
uninstall_protection="ENABLED"
)
print(response)from falconpy import APIHarness
falcon = APIHarness(client_id="API_CLIENT_ID_HERE",
client_secret="API_CLIENT_SECRET_HERE"
)
BODY = {
"resources": [
{
"description": "string",
"name": "string",
"platform_name": "Windows",
"settings": {
"build": "string",
"uninstall_protection": "ENABLED"
}
}
]
}
response = falcon.command("createSensorUpdatePoliciesV2", body=BODY)
print(response)Update Sensor Update Policies by specifying the ID of the policy and details to update with additional support for uninstall protection
update_policies_v2
- Produces: application/json
| Name | Service | Uber | Type | Datatype | Description |
|---|---|---|---|---|---|
| body |
|
|
body | string | Full body payload in JSON format. |
| build |
|
|
body | string | Build this Sensor update policy applies to. |
| description |
|
|
body | string | Sensor update policy description. |
| id |
|
|
body | string | ID of the Sensor Update policy to update. |
| name |
|
|
body | string | Name of the Sensor Update policy. |
| settings |
|
|
body | dictionary | Sensor Update policy specific settings. Overrides the value of build if present.{ "build": "string" } |
| uninstall_protection |
|
|
body | string | Boolean indicating if uninstall protection should be enabled. Allowed values:
|
from falconpy import SensorUpdatePolicy
falcon = SensorUpdatePolicy(client_id="API_CLIENT_ID_HERE",
client_secret="API_CLIENT_SECRET_HERE"
)
response = falcon.update_policies_v2(build="string",
description="string",
name="string",
platform_name="string",
uninstall_protection="ENABLED"
)
print(response)from falconpy import SensorUpdatePolicy
falcon = SensorUpdatePolicy(client_id="API_CLIENT_ID_HERE",
client_secret="API_CLIENT_SECRET_HERE"
)
response = falcon.updateSensorUpdatePoliciesV2(build="string",
description="string",
name="string",
platform_name="string",
uninstall_protection="ENABLED"
)
print(response)from falconpy import APIHarness
falcon = APIHarness(client_id="API_CLIENT_ID_HERE",
client_secret="API_CLIENT_SECRET_HERE"
)
BODY = {
"resources": [
{
"description": "string",
"id": "string",
"name": "string",
"settings": {
"build": "string",
"uninstall_protection": "ENABLED"
}
}
]
}
response = falcon.command("updateSensorUpdatePoliciesV2", body=BODY)
print(response)Search for members of a Sensor Update Policy in your environment by providing an FQL filter and paging details. Returns a set of Agent IDs which match the filter criteria
query_policy_members
- Produces: application/json
| Name | Service | Uber | Type | Datatype | Description |
|---|---|---|---|---|---|
| id |
|
|
query | string | The ID of the Sensor Update Policy to search for members of. |
| filter |
|
|
query | string | The filter expression that should be used to limit the results using FQL syntax. |
| limit |
|
|
query | integer | The maximum number of records to return. [1-5000] |
| offset |
|
|
query | integer | The offset to start retrieving records from. |
| parameters |
|
|
query | string | Full query string parameters payload in JSON format. |
| sort |
|
|
query | string | The property to sort by in FQL syntax. |
from falconpy import SensorUpdatePolicy
falcon = SensorUpdatePolicy(client_id="API_CLIENT_ID_HERE",
client_secret="API_CLIENT_SECRET_HERE"
)
response = falcon.query_policy_members(id="string",
filter="string",
offset=integer,
limit=integer,
sort="string"
)
print(response)from falconpy import SensorUpdatePolicy
falcon = SensorUpdatePolicy(client_id="API_CLIENT_ID_HERE",
client_secret="API_CLIENT_SECRET_HERE"
)
response = falcon.querySensorUpdatePolicyMembers(id="string",
filter="string",
offset=integer,
limit=integer,
sort="string"
)
print(response)from falconpy import APIHarness
falcon = APIHarness(client_id="API_CLIENT_ID_HERE",
client_secret="API_CLIENT_SECRET_HERE"
)
response = falcon.command("querySensorUpdatePolicyMembers",
id="string",
filter="string",
offset=integer,
limit=integer,
sort="string"
)
print(response)Search for Sensor Update Policies in your environment by providing an FQL filter and paging details. Returns a set of Sensor Update Policy IDs which match the filter criteria
query_policies
- Produces: application/json
| Name | Service | Uber | Type | Datatype | Description |
|---|---|---|---|---|---|
| filter |
|
|
query | string | The filter expression that should be used to limit the results using FQL syntax. |
| limit |
|
|
query | integer | The maximum number of records to return. [1-5000] |
| offset |
|
|
query | integer | The offset to start retrieving records from. |
| parameters |
|
|
query | string | Full query string parameters payload in JSON format. |
| sort |
|
|
query | string | The property to sort by in FQL syntax. |
from falconpy import SensorUpdatePolicy
falcon = SensorUpdatePolicy(client_id="API_CLIENT_ID_HERE",
client_secret="API_CLIENT_SECRET_HERE"
)
response = falcon.query_policies(filter="string",
offset=integer,
limit=integer,
sort="string"
)
print(response)from falconpy import SensorUpdatePolicy
falcon = SensorUpdatePolicy(client_id="API_CLIENT_ID_HERE",
client_secret="API_CLIENT_SECRET_HERE"
)
response = falcon.querySensorUpdatePolicies(filter="string",
offset=integer,
limit=integer,
sort="string"
)
print(response)from falconpy import APIHarness
falcon = APIHarness(client_id="API_CLIENT_ID_HERE",
client_secret="API_CLIENT_SECRET_HERE"
)
response = falcon.command("querySensorUpdatePolicies",
filter="string",
offset=integer,
limit=integer,
sort="string"
)
print(response)
- Home
- Discussions Board
- Glossary of Terms
- Installation, Upgrades and Removal
- Samples Collection
- Using FalconPy
- API Operations
-
Service Collections
- Alerts
- API Integrations
- ASPM
- Certificate Based Exclusions
- Cloud Connect AWS (deprecated)
- Cloud Snapshots
- Compliance Assessments
- Configuration Assessment
- Configuration Assessment Evaluation Logic
- Container Alerts
- Container Detections
- Container Images
- Container Packages
- Container Vulnerabilities
- CSPM Registration
- Custom IOAs
- Custom Storage
- D4C Registration (deprecated)
- DataScanner
- Delivery Settings
- Detects
- Device Control Policies
- Discover
- Downloads
- Drift Indicators
- Event Streams
- Exposure Management
- Falcon Complete Dashboard
- Falcon Container
- Falcon Intelligence Sandbox
- FDR
- FileVantage
- Firewall Management
- Firewall Policies
- Foundry LogScale
- Host Group
- Host Migration
- Hosts
- Identity Protection
- Image Assessment Policies
- Incidents
- Installation Tokens
- Intel
- IOA Exclusions
- IOC
- IOCs (deprecated)
- Kubernetes Protection
- MalQuery
- Message Center
- ML Exclusions
- Mobile Enrollment
- MSSP (Flight Control)
- OAuth2
- ODS (On Demand Scan)
- Overwatch Dashboard
- Prevention Policy
- Quarantine
- Quick Scan
- Quick Scan Pro
- Real Time Response
- Real Time Response Admin
- Real Time Response Audit
- Recon
- Report Executions
- Response Policies
- Sample Uploads
- Scheduled Reports
- Sensor Download
- Sensor Update Policy
- Sensor Usage
- Sensor Visibility Exclusions
- Spotlight Evaluation Logic
- Spotlight Vulnerabilities
- Tailored Intelligence
- ThreatGraph
- Unidentified Containers
- User Management
- Workflows
- Zero Trust Assessment
- Documentation Support
-
CrowdStrike SDKs
- Crimson Falcon - Ruby
- FalconPy - Python 3
- FalconJS - Javascript
- goFalcon - Go
- PSFalcon - Powershell
- Rusty Falcon - Rust
