Get FalconOverWatchDetection

bk-cs edited this page Apr 28, 2023 · 18 revisions

Get-FalconOverWatchDetection

SYNOPSIS

Retrieve the total number of Falcon OverWatch detections across all customers

DESCRIPTION

Requires 'OverWatch Dashboard: Read'.

PARAMETERS

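| Name | Type | Description | Min | Max | Allowed | Pipeline | PipelineByName |
|------|------|-------------|-----|-----|---------|----------|----------------|
| Filter | String | Falcon Query Language expression to limit results | | | | | |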

SYNTAX

Get-FalconOverWatchDetection [-Filter] <String> [-WhatIf] [-Confirm] [<CommonParameters>]

REFERENCE

Endpoints

GET /overwatch-dashboards/aggregates/detections-global-counts/v1

falconpy

AggregatesDetectionsGlobalCounts

USAGE

Getting the total number of Falcon OverWatch detections for the past 48 hours

Get-FalconOverWatchDetection -Filter "detect_time:>'now-48h'"

2023-04-25: PSFalcon v2.2.5