Edit FalconIoaGroup
Modify a custom Indicator of Attack rule group
Requires 'Custom IOA Rules: Write'.
| Name | Type | Min | Max | Allowed | Pipeline | PipelineByName | Description |
|---|---|---|---|---|---|---|---|
| Name | String | X | Rule group name | ||||
| Enabled | Boolean | X | Rule group enablement status | ||||
| Description | String | X | Rule group description | ||||
| Comment | String | X | Audit log comment | ||||
| Id | String | X | Rule group identifier |
Edit-FalconIoaGroup [[-Name] <String>] [[-Enabled] <Boolean>] [[-Description] <String>] [[-Comment] <String>] [-Id] <String> [-WhatIf] [-Confirm] [<CommonParameters>]$Current = Get-FalconIoaGroup -Filter "name:'newRuleGroup'" -Detailed Edit-FalconIoaGroup -Id $Current.id -Name 'updatedRuleGroup' -Enabled $true -RulegroupVersion $Current.version -Description 'My updated mac rule group' -Comment 'Updated using PSFalcon'Generated 2022-15-06 using PSFalcon v2.2.3
