falconx-sandbox

Get-CsAnalysisId

Find sandbox reports

References

Documentation, Swagger

Parameters

-Filter: Optional filter and sort criteria in the form of an FQL query

-Limit: The maximum records to return [default: 5000]

-Offset: The offset to start retrieving records from [default: 0]

-All: Repeat request until all results are returned

Example

PS> Get-CsAnalysisId

Get-CsAnalysisInfo

Get a short summary version of a sandbox report

References

Documentation, Swagger

Parameters

-Id: ID of one or more summaries

Example

PS> Get-CsAnalysisInfo -Id @(<string>, <string>)

Get-CsSubmissionId

Find submission IDs for uploaded files

References

Documentation, Swagger

Parameters

-Filter: Optional filter and sort criteria in the form of an FQL query

-Limit: The maximum records to return [default: 5000]

-Offset: The offset to start retrieving records from [default: 0]

-All: Repeat request until all results are returned

Example

PS> Get-CsSubmissionId

Get-CsSubmissionInfo

Check the status of a sandbox analysis

References

Documentation, Swagger

Parameters

-Id: ID of a submitted malware sample

Example

PS> Get-CsSubmissionInfo -Id @(<string>, <string>)

Get-CsSubmissionQuota

Get your current Falcon X quota status

References

Documentation

Example

PS> Get-CsSubmissionQuota

New-CsSample

Upload a file for sandbox analysis

References

Documentation, Swagger

Parameters

-Path: The full path to the file to upload

-Comment: A descriptive comment to identify the file for other users

-Confidential: Defines visibility of this file in Falcon MalQuery [default: True]

Example

PS> New-CsSample -Path <string>

Receive-CsArtifact

Download IOC packs, PCAP files, and other analysis artifacts

References

Documentation, Swagger

Parameters

-Id: ID of an artifact, such as an IOC pack, PCAP file or actor image

-Path: Destination path

-Name: The name given to your downloaded file

Example

PS> Receive-CsArtifact -Id <string> -Path <string>

Submit-CsSample

Submit an uploaded file or a URL for sandbox analysis. Time required for analysis varies but is usually less than 15 minutes.

References

Documentation, Swagger

Parameters

-Sandbox: An array of Sandbox submission properties

Example

PS> Submit-CsSample -Sandbox @(@{})