Classifies CrowdStrike Falcon events.
CrowdStrike Falcon Streaming
- Details
- Content
- Dependencies
- Version History
Use the CrowdStrike Falcon Stream v2 integration to stream detections and audit security events.
Classifiers
| Name | Description |
|---|---|
CrowdStrike Falcon Streaming - Classifier | |
CrowdStrike Falcon Streaming - Incoming Mapper | Maps incoming CrowdStrike Falcon event fields. |
Automations
| Name | Description |
|---|---|
| CrowdStrikeStreamingPreProcessing | Pre processing script for CrowdStrike Streaming, will not duplicate incidents(detection events) that have same Host. This automation runs using the default Limited User role, unless you explicitly change the permissions. |
Integrations
| Name | Description |
|---|---|
| CrowdStrike Falcon Streaming v2 | Use the CrowdStrike Falcon Stream v2 integration to stream detections and audit security events. |
Required Content Packs (1)
| Pack Name | Pack By |
|---|---|
| Base | By: Cortex XSOAR |
Optional Content Packs (2)
| Pack Name | Pack By |
|---|---|
| Malware Core | By: Cortex XSOAR |
| Common Types | By: Cortex XSOAR |
All level dependencies (0)
| Pack Name | Pack By |
|---|
1.1.1 - R2233034 (January 10, 2022)
Scripts
CrowdStrikeStreamingPreProcessing
- Added reference to required permissions in automation's description and README.
1.1.0 - 1882648 (November 2, 2021)
Scripts
CrowdStrikeStreamingPreProcessing
- Breaking Change: DBotRole has been removed from this automation.
This change will affect any playbook that is dependent on, or runs, this automation.
This automation will now run using the default Limited User role, unless you explicitly change the permissions.
For more information, see the section about permissions here:
https://docs.paloaltonetworks.com/cortex/cortex-xsoar/6-2/cortex-xsoar-admin/playbooks/automations.html
1.0.18 - 7567740 (September 12, 2021)
Scripts
CrowdStrikeStreamingPreProcessing
- Updated the Docker image to: demisto/python:2.7.18.24066.
PUBLISHER
Cortex
PLATFORMS
Cortex XSOAR
INFO
| Certification | Certified | Read more |
| Supported By | Cortex | |
| Created | June 30, 2020 | |
| Last Release | March 8, 2023 |
WORKS WITH THE FOLLOWING INTEGRATIONS:
