Back to source list
Official
Premium
CrowdStrike
Sync from CrowdStrike to any destination
Publisher
cloudquery
Latest version
v1.2.8
Type
Source
Platforms
Date Published
Overview #
The CloudQuery Crowdstrike plugin pulls data out of Crowdstrike and loads it into any supported CloudQuery destination (e.g. PostgreSQL, BigQuery, Snowflake, and more).
Crowdstrike Source Plugin Configuration Reference
Authentication #
The CrowdStrike source supports two different methods of authentication: API Client or Access Token authentication.
More details on each method are provided in the configuration reference section.
Example Configuration #
kind: source
spec:
name: crowdstrike
path: cloudquery/crowdstrike
registry: cloudquery
version: "v1.2.8"
tables: ["*"]
destinations: ["postgresql"]
spec:
auth_method: "client_secret"
client_id: "${CROWDSTRIKE_CLIENT_ID}"
client_secret: "${CROWDSTRIKE_CLIENT_SECRET}"
# optional
# base_path_override: "/"
# cloud: "autodiscover"
# host_override: ""
# member_cid: ""
Configuration Reference #
This is the (nested) spec used by the CrowdStrike source plugin.
auth_method
(string
) (optional, default:client_secret
)This plugin supports different authentication methods when communicating with the CrowdStrike API. Depending on the chosen authentication method, additional configuration parameters are required.Supported values areclient_secret
andaccess_token
. If theclient_secret
method is selected, the following additional configuration parameters will be used. If theaccess_token
method is selected, the following additional configuration parameters will be used.cloud
(string
) (optional, default:autodiscover
)Region where the CrowdStrike backend is hosted.autodiscover
can automatically discover the region when using API Client authentication.When using Access Token authentication method, a specific cloud region is required:spec: access_token: "${CROWDSTRIKE_ACCESS_TOKEN}" cloud: us-1 # possible values are: us-1, us-2, eu-1, us-gov-1
host_override
(string
) (optional, default: empty)A specific API host to use when making API requests. This must be a fully qualified domain name without a scheme or slashes.When set, the value ofcloud
will be ignored.spec: access_token: "${CROWDSTRIKE_ACCESS_TOKEN}" host_override: api.mysubdomain.crowdstrike.com
base_path_override
(string
) (optional, default:/
)Sets the URL path to prepend when making API requests. With or without a leading slash.member_cid
(string
) (optional, default: empty)A specific CID to use. This value can be used for filtering when the Client has access to multiple CIDs.concurrency
(integer
) (optional, default:10000
)A best effort maximum number of Go routines to use. Lower this number to reduce memory usage.scheduler
(string
) (optional, default:dfs
)The scheduler to use when determining the priority of resources to sync. Supported values aredfs
(depth-first search),round-robin
,shuffle
andshuffle-queue
.For more information about this, see performance tuning.
Client Secret Configuration Reference #
To use this authentication method, generate new Client Credentials by navigating to the Falcon UI. From the left menubar, go to Support and Resources > API Clients and Keys > Create API Client, and select all Read scopes.
client_id
(string
) (required)The ID of the CrowdStrike Client to use.client_secret
(string
) (required)The secret to authenticate the client with IDclient_id
.
Access Token Configuration Reference #
To use this authentication method, you will need to generate an
access_token
using /oauth2/token
API with an existing client. This is done automatically when using the client secret authentication method.access_token
(string
) (required)The OAuth 2.0 Access Token to authenticate with (recommendation: Use environment variable instead of a hardcoded token in the config).
Licenses #
The following tools / packages are used in this plugin:
Name | License |
---|---|
github.com/adrg/xdg | MIT |
github.com/apache/arrow/go/v13 | Apache-2.0 |
github.com/apache/arrow-go/v18 | Apache-2.0 |
github.com/apapsch/go-jsonmerge/v2 | MIT |
github.com/asaskevich/govalidator | MIT |
github.com/aws/aws-sdk-go-v2 | Apache-2.0 |
github.com/aws/aws-sdk-go-v2/config | Apache-2.0 |
github.com/aws/aws-sdk-go-v2/credentials | Apache-2.0 |
github.com/aws/aws-sdk-go-v2/feature/ec2/imds | Apache-2.0 |
github.com/aws/aws-sdk-go-v2/internal/configsources | Apache-2.0 |
github.com/aws/aws-sdk-go-v2/internal/endpoints/v2 | Apache-2.0 |
github.com/aws/aws-sdk-go-v2/internal/ini | Apache-2.0 |
github.com/aws/aws-sdk-go-v2/internal/sync/singleflight | BSD-3-Clause |
github.com/aws/aws-sdk-go-v2/service/internal/accept-encoding | Apache-2.0 |
github.com/aws/aws-sdk-go-v2/service/internal/presigned-url | Apache-2.0 |
github.com/aws/aws-sdk-go-v2/service/licensemanager | Apache-2.0 |
github.com/aws/aws-sdk-go-v2/service/marketplacemetering | Apache-2.0 |
github.com/aws/aws-sdk-go-v2/service/sso | Apache-2.0 |
github.com/aws/aws-sdk-go-v2/service/ssooidc | Apache-2.0 |
github.com/aws/aws-sdk-go-v2/service/sts | Apache-2.0 |
github.com/aws/smithy-go | Apache-2.0 |
github.com/aws/smithy-go/internal/sync/singleflight | BSD-3-Clause |
github.com/bahlo/generic-list-go | BSD-3-Clause |
github.com/blang/semver/v4 | MIT |
github.com/buger/jsonparser | MIT |
github.com/cenkalti/backoff/v4 | MIT |
github.com/cloudquery/cloudquery-api-go | MPL-2.0 |
github.com/cloudquery/plugin-pb-go | MPL-2.0 |
github.com/cloudquery/plugin-sdk/v2/internal/glob | MIT |
github.com/cloudquery/plugin-sdk/v2/schema | MIT |
github.com/cloudquery/plugin-sdk/v2/types | MPL-2.0 |
github.com/cloudquery/plugin-sdk/v4 | MPL-2.0 |
github.com/cloudquery/plugin-sdk/v4/glob | MIT |
github.com/cloudquery/plugin-sdk/v4/scalar | MIT |
github.com/crowdstrike/gofalcon | MIT |
github.com/davecgh/go-spew/spew | ISC |
github.com/ghodss/yaml | MIT |
github.com/go-logr/logr | Apache-2.0 |
github.com/go-logr/stdr | Apache-2.0 |
github.com/go-openapi/analysis | Apache-2.0 |
github.com/go-openapi/errors | Apache-2.0 |
github.com/go-openapi/jsonpointer | Apache-2.0 |
github.com/go-openapi/jsonreference | Apache-2.0 |
github.com/go-openapi/loads | Apache-2.0 |
github.com/go-openapi/runtime | Apache-2.0 |
github.com/go-openapi/runtime/middleware/denco | MIT |
github.com/go-openapi/spec | Apache-2.0 |
github.com/go-openapi/strfmt | Apache-2.0 |
github.com/go-openapi/swag | Apache-2.0 |
github.com/go-openapi/validate | Apache-2.0 |
github.com/goccy/go-json | MIT |
github.com/google/flatbuffers/go | Apache-2.0 |
github.com/google/uuid | BSD-3-Clause |
github.com/grpc-ecosystem/go-grpc-middleware/v2/interceptors | Apache-2.0 |
github.com/grpc-ecosystem/grpc-gateway/v2 | BSD-3-Clause |
github.com/hashicorp/go-cleanhttp | MPL-2.0 |
github.com/hashicorp/go-retryablehttp | MPL-2.0 |
github.com/invopop/jsonschema | MIT |
github.com/josharian/intern | MIT |
github.com/klauspost/compress | Apache-2.0 |
github.com/klauspost/compress/internal/snapref | BSD-3-Clause |
github.com/klauspost/compress/zstd/internal/xxhash | MIT |
github.com/mailru/easyjson | MIT |
github.com/mattn/go-colorable | MIT |
github.com/mattn/go-isatty | MIT |
github.com/mitchellh/mapstructure | MIT |
github.com/oapi-codegen/runtime | Apache-2.0 |
github.com/oklog/ulid | Apache-2.0 |
github.com/opentracing/opentracing-go | Apache-2.0 |
github.com/pierrec/lz4/v4 | BSD-3-Clause |
github.com/pmezard/go-difflib/difflib | BSD-3-Clause |
github.com/rs/zerolog | MIT |
github.com/samber/lo | MIT |
github.com/santhosh-tekuri/jsonschema/v6 | Apache-2.0 |
github.com/sirupsen/logrus | MIT |
github.com/spf13/cobra | Apache-2.0 |
github.com/spf13/pflag | BSD-3-Clause |
github.com/stretchr/testify | MIT |
github.com/thoas/go-funk | MIT |
github.com/wk8/go-ordered-map/v2 | Apache-2.0 |
github.com/zeebo/xxh3 | BSD-2-Clause |
go.mongodb.org/mongo-driver | Apache-2.0 |
go.opentelemetry.io/otel | Apache-2.0 |
go.opentelemetry.io/otel/exporters/otlp/otlplog/otlploghttp | Apache-2.0 |
go.opentelemetry.io/otel/exporters/otlp/otlpmetric/otlpmetrichttp | Apache-2.0 |
go.opentelemetry.io/otel/exporters/otlp/otlptrace | Apache-2.0 |
go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracehttp | Apache-2.0 |
go.opentelemetry.io/otel/log | Apache-2.0 |
go.opentelemetry.io/otel/metric | Apache-2.0 |
go.opentelemetry.io/otel/sdk | Apache-2.0 |
go.opentelemetry.io/otel/sdk/log | Apache-2.0 |
go.opentelemetry.io/otel/sdk/metric | Apache-2.0 |
go.opentelemetry.io/otel/trace | Apache-2.0 |
go.opentelemetry.io/proto/otlp | Apache-2.0 |
golang.org/x/exp | BSD-3-Clause |
golang.org/x/net | BSD-3-Clause |
golang.org/x/oauth2 | BSD-3-Clause |
golang.org/x/sync | BSD-3-Clause |
golang.org/x/sys | BSD-3-Clause |
golang.org/x/text | BSD-3-Clause |
golang.org/x/xerrors | BSD-3-Clause |
google.golang.org/genproto/googleapis/api/httpbody | Apache-2.0 |
google.golang.org/genproto/googleapis/rpc/status | Apache-2.0 |
google.golang.org/grpc | Apache-2.0 |
google.golang.org/protobuf | BSD-3-Clause |
gopkg.in/yaml.v2 | Apache-2.0 |
gopkg.in/yaml.v3 | MIT |