Back to source list
CrowdStrike
This plugin is in preview.
Sync data from Crowdstrike APIs
Price
Free
Crowdstrike Falcon Detections
The crowdstrike_falcon_detections table shows data for Crowdstrike Falcon Detections.
Primary Keys #
| Name | Type |
|---|---|
| detection_id | utf8 |
Columns #
| Name | Type |
|---|---|
| adversary_ids | list<item: int64, nullable> |
| assigned_to_name | utf8 |
| assigned_to_uid | utf8 |
| behaviors | json |
| behaviors_processed | list<item: utf8, nullable> |
| cid | utf8 |
| _cq_id | uuid |
| _cq_parent_id | uuid |
| created_timestamp | json |
| detection_id | utf8 |
| device | json |
| email_sent | bool |
| first_behavior | json |
| hostinfo | json |
| last_behavior | json |
| max_confidence | int64 |
| max_severity | int64 |
| max_severity_displayname | utf8 |
| overwatch_notes | utf8 |
| quarantined_files | json |
| seconds_to_resolved | int64 |
| seconds_to_triaged | int64 |
| show_in_ui | bool |
| status | utf8 |