Skip to content

ConvertTo FalconIoaExclusion

Jump to bottom
bk-cs edited this page Oct 6, 2022 · 17 revisions

ConvertTo-FalconIoaExclusion

SYNOPSIS

Output required fields to create an Indicator of Attack exclusion from a Falcon detection

DESCRIPTION

Uses the 'behaviors' and 'device' properties of a detection to generate the necessary fields to create a new

PARAMETERS

Name Type Min Max Allowed Pipeline PipelineByName Description
Detection Object X Falcon detection content, including 'behaviors' and 'device'

SYNTAX

ConvertTo-FalconIoaExclusion [-Detection] <Object> [<CommonParameters>]

Generated 2022-10-06 using PSFalcon v2.2.3

Clone this wiki locally