Ecosyste.ms: Awesome

An open API service indexing awesome lists of open source software.

Awesome Lists | Featured Topics | Projects

https://github.com/tyler-tee/crowdclient

CrowdClient is a Python library for interacting with CrowdStrike Falcon's REST API.
https://github.com/tyler-tee/crowdclient

crowdstrike information-security rest rest-client

Last synced: 5 days ago
JSON representation

CrowdClient is a Python library for interacting with CrowdStrike Falcon's REST API.

Host: GitHub
URL: https://github.com/tyler-tee/crowdclient
Owner: tyler-tee
License: mit
Created: 2020-07-19T12:34:01.000Z (over 4 years ago)
Default Branch: master
Last Pushed: 2021-10-21T16:11:01.000Z (about 3 years ago)
Last Synced: 2024-11-07T06:49:03.393Z (7 days ago)
Topics: crowdstrike, information-security, rest, rest-client
Language: Python
Homepage:
Size: 107 KB
Stars: 6
Watchers: 0
Forks: 3
Open Issues: 0
Metadata Files:
- Readme: README.md
- License: LICENSE

Awesome Lists containing this project

README

        # CrowdClient

CrowdClient is a Python library for interacting with CrowdStrike Falcon's REST API.

## Installation

```python

pip install crowdclient

```

## Usage

### General Use

```python

from CrowdClient.crowdclient import CrowdClient

# Instantiate your client

falcon_client = CrowdClient(, )

# Authenticate to retrieve and store an authentication token for subsequent requests

falcon_client.authenticate()

# Get current detections (defaults to new detections only of all severities sorted newest -> oldest)

# Returns a list of all ID's matching above criteria

detections = falcon_client.get_detections()

# Get the number of hosts in your environment exhibiting activity related to a specified indicator

host_count = falcon_client.indicator_host_count('8.8.8.8', 'ipv4')

```

### Real-Time Response

```python

from CrowdClient.crowdclient import RTRClient

# Instantiate your client and authenticate

rtr_client = RTRClient(, , verify_cert=False)

rtr_client.authenticate()

# Initiate a batch session for multiple hosts

batch_id = rtr_client.batch_init(['hostid1', 'hostid2', 'hostid3'])

# Issue an RTR Admin command using the established session - Exclude a host if you'd like

rtr_client.batch_admin_cmd(batch_id, command='ls', command_string='ls C:\Users\', optional_hosts=['hostid3'])

# View the script ID's available for the user to use with the 'runscript' command

script_ids = rtr_client.get_scripts()

# Get the details for said scripts

script_details = rtr_client.script_details(script_ids)

```

## License

[MIT](https://choosealicense.com/licenses/mit/)