Data Protection Configuration

The Data Protection Configuration service collection provides operations for managing data protection policies and configuration entities. Create, update, delete, and query classifications, cloud applications, content patterns, enterprise accounts, file types, sensitivity labels, local application groups, local applications, policies, web locations, and policy precedence.

Language	Last Update
Python	v1.6.1
PowerShell	v2.2.9
Go	v0.20.0
TypeScript	v0.6.0
Rust	v0.7.0
Ruby	v1.2.0

Operation	Description
entities_classification_get_v2 `get_classification`	Gets the classifications that match the provided ids
entities_classification_post_v2 `create_classification`	Create classifications
entities_classification_patch_v2 `update_classifications`	Update classifications
entities_classification_delete_v2 `delete_classification`	Deletes classifications that match the provided ids
entities_cloud_application_get `get_cloud_application`	Get a particular cloud-application
entities_cloud_application_create `create_cloud_application`	Persist the given cloud application for the provided entity instance
entities_cloud_application_patch `update_cloud_application`	Update a cloud application.
entities_cloud_application_delete `delete_cloud_application`	Delete cloud application.
entities_content_pattern_get `get_content_pattern`	Get a particular content-pattern(s).
entities_content_pattern_create `create_content_pattern`	Persist the given content pattern for the provided entity instance.
entities_content_pattern_patch `update_content_pattern`	Update a content pattern.
entities_content_pattern_delete `delete_content_pattern`	Delete content pattern.
entities_policy_precedence_post_v1 `update_policy_precedence`	Update Policy Precedence.
entities_enterprise_account_get `get_enterprise_account`	Get a particular enterprise-account(s).
entities_enterprise_account_create `create_enterprise_account`	Persist the given enterprise account for the provided entity instance.
entities_enterprise_account_patch `update_enterprise_account`	Update a enterprise account.
entities_enterprise_account_delete `delete_enterprise_account`	Delete enterprise account.
entities_file_type_get `get_file_type`	Get a particular file-type.
entities_sensitivity_label_get_v2 `get_sensitivity_label`	Get sensitivity label matching the IDs (V2).
entities_sensitivity_label_create_v2 `create_sensitivity_label`	Create new sensitivity label (V2).
entities_sensitivity_label_delete_v2 `delete_sensitivity_label`	Delete sensitivity labels matching the IDs (V2).
entities_local_application_group_get `get_local_application_group`	Get particular local application groups.
entities_local_application_group_create `create_local_application_group`	Persist the given local application group for the provided entity instance.
entities_local_application_group_patch `update_local_application_group`	Update a local application group.
entities_local_application_group_delete `delete_local_application_group`	Soft Delete local application. The application won’t be visible anymore, but will still be in the database.
entities_local_application_get `get_local_application`	Get a particular local application.
entities_local_application_create `create_local_application`	Persist the given local application for the provided entity instance.
entities_local_application_patch `update_local_application`	Update a local application.
entities_local_application_delete `delete_local_application`	Soft Delete local application. The application wont be visible anymore, but will still be in the database.
entities_policy_get_v2 `get_policies`	Get policies that match the provided ids.
entities_policy_post_v2 `create_policy`	Create policies.
entities_policy_patch_v2 `update_policies`	Update policies.
entities_policy_delete_v2 `delete_policies`	Delete policies that match the provided ids.
entities_web_location_get_v2 `get_web_location`	Get web-location entities matching the provided ID(s).
entities_web_location_create_v2 `create_web_location`	Persist the given web-locations.
entities_web_location_patch_v2 `update_web_location`	Update a web-location.
entities_web_location_delete_v2 `delete_web_location`	Delete web-location.
queries_classification_get_v2 `query_classifications`	Search for classifications that match the provided criteria.
queries_cloud_application_get_v2 `query_cloud_applications`	Get all cloud-application IDs matching the query with filter.
queries_content_pattern_get_v2 `query_content_patterns`	Get all content-pattern IDs matching the query with filter.
queries_enterprise_account_get_v2 `query_enterprise_accounts`	Get all enterprise-account IDs matching the query with filter.
queries_file_type_get_v2 `query_file_type`	Get all file-type IDs matching the query with filter.
queries_sensitivity_label_get_v2 `query_sensitivity_label`	Get all sensitivity label IDs matching the query with filter.
queries_local_application_group_get `query_local_application_groups`	Get all local application group IDs matching the query with filter.
queries_local_application_get `query_local_applications`	Get all local-application IDs matching the query with filter.
queries_policy_get_v2 `query_policies`	Search for policies that match the provided criteria.
queries_web_location_get_v2 `query_web_locations`	Get web-location IDs matching the query with filter.

entities_classification_get_v2

Gets the classifications that match the provided ids

GET /data-protection/entities/classifications/v2

Scope Data Protection: READ Consumes · Produces application/json

PEP 8 get_classification

Parameters

Name	Type	Data type	Description
ids	query	list of strings	IDs of the classifications to get
parameters	query	dictionary	Full query string parameters payload in JSON format.

Code Examples

from falconpy import DataProtectionConfiguration

falcon = DataProtectionConfiguration(client_id=CLIENT_ID,
                                     client_secret=CLIENT_SECRET
                                     )

id_list = 'ID1,ID2,ID3'  # Can also pass a list here: ['ID1', 'ID2', 'ID3']

response = falcon.get_classification(ids=id_list)
print(response)

from falconpy import DataProtectionConfiguration

falcon = DataProtectionConfiguration(client_id=CLIENT_ID,
                                     client_secret=CLIENT_SECRET
                                     )

id_list = 'ID1,ID2,ID3'  # Can also pass a list here: ['ID1', 'ID2', 'ID3']

response = falcon.entities_classification_get_v2(ids=id_list)
print(response)

from falconpy import APIHarnessV2

falcon = APIHarnessV2(client_id=CLIENT_ID,
                      client_secret=CLIENT_SECRET
                      )

id_list = 'ID1,ID2,ID3'  # Can also pass a list here: ['ID1', 'ID2', 'ID3']

response = falcon.command("entities_classification_get_v2",
                          ids=id_list)
print(response)

package main

import (
  "context"
  "fmt"
  "os"

  "github.com/crowdstrike/gofalcon/falcon"
  "github.com/crowdstrike/gofalcon/falcon/client/data_protection_configuration"
)

func main() {
  client, err := falcon.NewClient(&falcon.ApiConfig{
    ClientId:     os.Getenv("FALCON_CLIENT_ID"),
    ClientSecret: os.Getenv("FALCON_CLIENT_SECRET"),
    Context:      context.Background(),
  })
  if err != nil {
    panic(err)
  }

  response, err := client.DataProtectionConfiguration.EntitiesClassificationGetV2(
    &data_protection_configuration.EntitiesClassificationGetV2Params{
      Ids: []string{"ID1", "ID2", "ID3"},
      Context: context.Background(),
    },
  )
  if err != nil {
    panic(falcon.ErrorExplain(err))
  }

  fmt.Printf("%+v\n", response.Payload)
}

import { FalconClient } from "crowdstrike-falcon";

const client = new FalconClient({
  cloud: process.env.FALCON_CLOUD!,
  clientId: process.env.FALCON_CLIENT_ID!,
  clientSecret: process.env.FALCON_CLIENT_SECRET!,
});

const response = await client.dataProtectionConfiguration.entitiesClassificationGetV2(["ID1", "ID2", "ID3"]);  // ids

console.log(response);

entities_classification_post_v2

Create classifications

POST /data-protection/entities/classifications/v2

Scope Data Protection: WRITE Consumes · Produces application/json

PEP 8 create_classification

Parameters

Name	Type	Data type	Description
body	body	dictionary	Full body payload in JSON format
classification_properties	body	dictionary	The properties of the new classification.
name	body	string	The name of the new classification.

Code Examples

from falconpy import DataProtectionConfiguration

falcon = DataProtectionConfiguration(client_id=CLIENT_ID,
                                     client_secret=CLIENT_SECRET
                                     )

response = falcon.create_classification(classification_properties={},
                                        name="string")
print(response)

from falconpy import DataProtectionConfiguration

falcon = DataProtectionConfiguration(client_id=CLIENT_ID,
                                     client_secret=CLIENT_SECRET
                                     )

response = falcon.entities_classification_post_v2(classification_properties={},
                                                  name="string")
print(response)

from falconpy import APIHarnessV2

falcon = APIHarnessV2(client_id=CLIENT_ID,
                      client_secret=CLIENT_SECRET
                      )

body_payload = {
    "resources": [
        {
            "classification_properties": {
                "content_patterns": ["string"],
                "content_patterns_operator": "string",
                "evidence_duplication_enabled": boolean,
                "file_types": ["string"],
                "mac_file_path_patterns": ["string"],
                "protection_mode": "string",
                "rules": ["string"],
                "sensitivity_labels": ["string"],
                "web_sources": ["string"],
                "win_file_path_patterns": ["string"]
            },
            "name": "string"
        }
    ]
}

response = falcon.command("entities_classification_post_v2", body=body_payload)
print(response)

package main

import (
  "context"
  "fmt"
  "os"

  "github.com/crowdstrike/gofalcon/falcon"
  "github.com/crowdstrike/gofalcon/falcon/client/data_protection_configuration"
  "github.com/crowdstrike/gofalcon/falcon/models"
)

func main() {
  client, err := falcon.NewClient(&falcon.ApiConfig{
    ClientId:     os.Getenv("FALCON_CLIENT_ID"),
    ClientSecret: os.Getenv("FALCON_CLIENT_SECRET"),
    Context:      context.Background(),
  })
  if err != nil {
    panic(err)
  }

  name := "string"

  response, err := client.DataProtectionConfiguration.EntitiesClassificationPostV2(
    &data_protection_configuration.EntitiesClassificationPostV2Params{
      Body: &models.PolicymanagerCreateClassificationsRequest{
        Resources: []interface{}{
          {
          ClassificationProperties: &struct{}{},
          Name: &name,
          },
        },
      },
      Context: context.Background(),
    },
  )
  if err != nil {
    panic(falcon.ErrorExplain(err))
  }

  fmt.Printf("%+v\n", response.Payload)
}

import { FalconClient } from "crowdstrike-falcon";

const client = new FalconClient({
  cloud: process.env.FALCON_CLOUD!,
  clientId: process.env.FALCON_CLIENT_ID!,
  clientSecret: process.env.FALCON_CLIENT_SECRET!,
});

const response = await client.dataProtectionConfiguration.entitiesClassificationPostV2(
  {
    resources: [{
        classificationProperties: {
          contentPatterns: [],
          contentPatternsOperator: "string",
          evidenceDuplicationEnabled: boolean,
          fileTypes: [],
          macFilePathPatterns: [],
          protectionMode: "string",
          rules: [],
          sensitivityLabels: [],
          webSources: [],
          winFilePathPatterns: []
        },
        name: "string"
      }]
}  // body
);

console.log(response);

entities_classification_patch_v2

Update classifications

PATCH /data-protection/entities/classifications/v2

Scope Data Protection: WRITE Consumes · Produces application/json

PEP 8 update_classifications

Parameters

Name	Type	Data type	Description
body	body	dictionary	Full body payload in JSON format.
classification_properties	body	dictionary	The properties of the new classification.
name	body	string	The name of the new classification.

Code Examples

from falconpy import DataProtectionConfiguration

falcon = DataProtectionConfiguration(client_id=CLIENT_ID,
                                     client_secret=CLIENT_SECRET
                                     )

response = falcon.update_classifications(id="string",
                                         classification_properties={},
                                         name="string")
print(response)

from falconpy import DataProtectionConfiguration

falcon = DataProtectionConfiguration(client_id=CLIENT_ID,
                                     client_secret=CLIENT_SECRET
                                     )

response = falcon.entities_classification_patch_v2(id="string",
                                                   classification_properties={},
                                                   name="string")
print(response)

from falconpy import APIHarnessV2

falcon = APIHarnessV2(client_id=CLIENT_ID,
                      client_secret=CLIENT_SECRET
                      )

body_payload = {
    "resources": [
        {
            "classification_properties": {
                "content_patterns": ["string"],
                "content_patterns_operator": "string",
                "evidence_duplication_enabled": boolean,
                "file_types": ["string"],
                "mac_file_path_patterns": ["string"],
                "protection_mode": "string",
                "rules": ["string"],
                "sensitivity_labels": ["string"],
                "web_sources": ["string"],
                "win_file_path_patterns": ["string"]
            },
            "id": "string",
            "name": "string"
        }
    ]
}

response = falcon.command("entities_classification_patch_v2", body=body_payload)
print(response)

package main

import (
  "context"
  "fmt"
  "os"

  "github.com/crowdstrike/gofalcon/falcon"
  "github.com/crowdstrike/gofalcon/falcon/client/data_protection_configuration"
  "github.com/crowdstrike/gofalcon/falcon/models"
)

func main() {
  client, err := falcon.NewClient(&falcon.ApiConfig{
    ClientId:     os.Getenv("FALCON_CLIENT_ID"),
    ClientSecret: os.Getenv("FALCON_CLIENT_SECRET"),
    Context:      context.Background(),
  })
  if err != nil {
    panic(err)
  }

  id := "string"
  name := "string"

  response, err := client.DataProtectionConfiguration.EntitiesClassificationPatchV2(
    &data_protection_configuration.EntitiesClassificationPatchV2Params{
      Body: &models.PolicymanagerUpdateClassificationsRequest{
        Resources: []interface{}{
          {
          ClassificationProperties: &struct{}{},
          ID: &id,
          Name: &name,
          },
        },
      },
      Context: context.Background(),
    },
  )
  if err != nil {
    panic(falcon.ErrorExplain(err))
  }

  fmt.Printf("%+v\n", response.Payload)
}

import { FalconClient } from "crowdstrike-falcon";

const client = new FalconClient({
  cloud: process.env.FALCON_CLOUD!,
  clientId: process.env.FALCON_CLIENT_ID!,
  clientSecret: process.env.FALCON_CLIENT_SECRET!,
});

const response = await client.dataProtectionConfiguration.entitiesClassificationPatchV2(
  {
    resources: [{
        classificationProperties: {
          contentPatterns: [],
          contentPatternsOperator: "string",
          evidenceDuplicationEnabled: boolean,
          fileTypes: [],
          macFilePathPatterns: [],
          protectionMode: "string",
          rules: [],
          sensitivityLabels: [],
          webSources: [],
          winFilePathPatterns: []
        },
        id: "string",
        name: "string"
      }]
}  // body
);

console.log(response);

entities_classification_delete_v2

Deletes classifications that match the provided ids

DELETE /data-protection/entities/classifications/v2

Scope Data Protection: WRITE Consumes · Produces application/json

PEP 8 delete_classification

Parameters

Name	Type	Data type	Description
ids	query	list of strings	IDs of the classifications to delete
parameters	query	dictionary	Full query string parameters payload in JSON format.

Code Examples

from falconpy import DataProtectionConfiguration

falcon = DataProtectionConfiguration(client_id=CLIENT_ID,
                                     client_secret=CLIENT_SECRET
                                     )

id_list = 'ID1,ID2,ID3'  # Can also pass a list here: ['ID1', 'ID2', 'ID3']

response = falcon.delete_classification(ids=id_list)
print(response)

from falconpy import DataProtectionConfiguration

falcon = DataProtectionConfiguration(client_id=CLIENT_ID,
                                     client_secret=CLIENT_SECRET
                                     )

id_list = 'ID1,ID2,ID3'  # Can also pass a list here: ['ID1', 'ID2', 'ID3']

response = falcon.entities_classification_delete_v2(ids=id_list)
print(response)

from falconpy import APIHarnessV2

falcon = APIHarnessV2(client_id=CLIENT_ID,
                      client_secret=CLIENT_SECRET
                      )

id_list = 'ID1,ID2,ID3'  # Can also pass a list here: ['ID1', 'ID2', 'ID3']

response = falcon.command("entities_classification_delete_v2",
                          ids=id_list)
print(response)

package main

import (
  "context"
  "fmt"
  "os"

  "github.com/crowdstrike/gofalcon/falcon"
  "github.com/crowdstrike/gofalcon/falcon/client/data_protection_configuration"
)

func main() {
  client, err := falcon.NewClient(&falcon.ApiConfig{
    ClientId:     os.Getenv("FALCON_CLIENT_ID"),
    ClientSecret: os.Getenv("FALCON_CLIENT_SECRET"),
    Context:      context.Background(),
  })
  if err != nil {
    panic(err)
  }

  response, err := client.DataProtectionConfiguration.EntitiesClassificationDeleteV2(
    &data_protection_configuration.EntitiesClassificationDeleteV2Params{
      Ids: []string{"ID1", "ID2", "ID3"},
      Context: context.Background(),
    },
  )
  if err != nil {
    panic(falcon.ErrorExplain(err))
  }

  fmt.Printf("%+v\n", response.Payload)
}

import { FalconClient } from "crowdstrike-falcon";

const client = new FalconClient({
  cloud: process.env.FALCON_CLOUD!,
  clientId: process.env.FALCON_CLIENT_ID!,
  clientSecret: process.env.FALCON_CLIENT_SECRET!,
});

const response = await client.dataProtectionConfiguration.entitiesClassificationDeleteV2(["ID1", "ID2", "ID3"]);  // ids

console.log(response);

entities_cloud_application_get

Get a particular cloud-application

GET /data-protection/entities/cloud-applications/v1

Scope Data Protection: READ Consumes · Produces application/json

PEP 8 get_cloud_application

Parameters

Name	Type	Data type	Description
ids	query	list of strings	The cloud application id(s) to get.
parameters	query	dictionary	Full query string parameters payload in JSON format.

Code Examples

from falconpy import DataProtectionConfiguration

falcon = DataProtectionConfiguration(client_id=CLIENT_ID,
                                     client_secret=CLIENT_SECRET
                                     )

id_list = 'ID1,ID2,ID3'  # Can also pass a list here: ['ID1', 'ID2', 'ID3']

response = falcon.get_cloud_application(ids=id_list)
print(response)

from falconpy import DataProtectionConfiguration

falcon = DataProtectionConfiguration(client_id=CLIENT_ID,
                                     client_secret=CLIENT_SECRET
                                     )

id_list = 'ID1,ID2,ID3'  # Can also pass a list here: ['ID1', 'ID2', 'ID3']

response = falcon.entities_cloud_application_get(ids=id_list)
print(response)

from falconpy import APIHarnessV2

falcon = APIHarnessV2(client_id=CLIENT_ID,
                      client_secret=CLIENT_SECRET
                      )

id_list = 'ID1,ID2,ID3'  # Can also pass a list here: ['ID1', 'ID2', 'ID3']

response = falcon.command("entities_cloud_application_get",
                          ids=id_list)
print(response)

package main

import (
  "context"
  "fmt"
  "os"

  "github.com/crowdstrike/gofalcon/falcon"
  "github.com/crowdstrike/gofalcon/falcon/client/data_protection_configuration"
)

func main() {
  client, err := falcon.NewClient(&falcon.ApiConfig{
    ClientId:     os.Getenv("FALCON_CLIENT_ID"),
    ClientSecret: os.Getenv("FALCON_CLIENT_SECRET"),
    Context:      context.Background(),
  })
  if err != nil {
    panic(err)
  }

  response, err := client.DataProtectionConfiguration.EntitiesCloudApplicationGet(
    &data_protection_configuration.EntitiesCloudApplicationGetParams{
      Ids: []string{"ID1", "ID2", "ID3"},
      Context: context.Background(),
    },
  )
  if err != nil {
    panic(falcon.ErrorExplain(err))
  }

  fmt.Printf("%+v\n", response.Payload)
}

import { FalconClient } from "crowdstrike-falcon";

const client = new FalconClient({
  cloud: process.env.FALCON_CLOUD!,
  clientId: process.env.FALCON_CLIENT_ID!,
  clientSecret: process.env.FALCON_CLIENT_SECRET!,
});

const response = await client.dataProtectionConfiguration.entitiesCloudApplicationGet(["ID1", "ID2", "ID3"]);  // ids

console.log(response);

require "crimson-falcon"

Falcon.configure do |config|
  config.client_id = ENV["FALCON_CLIENT_ID"]
  config.client_secret = ENV["FALCON_CLIENT_SECRET"]
  config.cloud = ENV["FALCON_CLOUD"]
end

api = Falcon::DataProtectionConfiguration.new

response = api.entities_cloud_application_get(['ID1', 'ID2', 'ID3'])

puts response

entities_cloud_application_create

Persist the given cloud application for the provided entity instance

POST /data-protection/entities/cloud-applications/v1

Scope Data Protection: WRITE Consumes · Produces application/json

PEP 8 create_cloud_application

Parameters

Name	Type	Data type	Description
body	body	dictionary	Full body payload in JSON format
description	body	string	The description of the cloud application.
name	body	string	The name of the cloud application.
urls	body	list of dictionaries	The fields contain the FQDN and the path.

Code Examples

from falconpy import DataProtectionConfiguration

falcon = DataProtectionConfiguration(client_id=CLIENT_ID,
                                     client_secret=CLIENT_SECRET
                                     )

urls = [
    {
        "fqdn": "string",
        "path": "string"
    }
]

response = falcon.create_cloud_application(description="string",
                                           name="string",
                                           urls=urls)
print(response)

from falconpy import DataProtectionConfiguration

falcon = DataProtectionConfiguration(client_id=CLIENT_ID,
                                     client_secret=CLIENT_SECRET
                                     )

urls = [
    {
        "fqdn": "string",
        "path": "string"
    }
]

response = falcon.entities_cloud_application_create(description="string",
                                                    name="string",
                                                    urls=urls)
print(response)

from falconpy import APIHarnessV2

falcon = APIHarnessV2(client_id=CLIENT_ID,
                      client_secret=CLIENT_SECRET
                      )

body_payload = {
    "description": "string",
    "name": "string",
    "urls": [
        {
            "fqdn": "string",
            "path": "string"
        }
    ]
}

response = falcon.command("entities_cloud_application_create", body=body_payload)
print(response)

package main

import (
  "context"
  "fmt"
  "os"

  "github.com/crowdstrike/gofalcon/falcon"
  "github.com/crowdstrike/gofalcon/falcon/client/data_protection_configuration"
  "github.com/crowdstrike/gofalcon/falcon/models"
)

func main() {
  client, err := falcon.NewClient(&falcon.ApiConfig{
    ClientId:     os.Getenv("FALCON_CLIENT_ID"),
    ClientSecret: os.Getenv("FALCON_CLIENT_SECRET"),
    Context:      context.Background(),
  })
  if err != nil {
    panic(err)
  }

  description := "string"
  name := "string"
  fqdn := "string"
  path := "string"

  response, err := client.DataProtectionConfiguration.EntitiesCloudApplicationCreate(
    &data_protection_configuration.EntitiesCloudApplicationCreateParams{
      Body: &models.APICloudApplicationCreateRequestV1{
        Description: &description,
        Name: &name,
        Urls: []interface{}{
          {
          Fqdn: &fqdn,
          Path: &path,
          },
        },
      },
      Context: context.Background(),
    },
  )
  if err != nil {
    panic(falcon.ErrorExplain(err))
  }

  fmt.Printf("%+v\n", response.Payload)
}

import { FalconClient } from "crowdstrike-falcon";

const client = new FalconClient({
  cloud: process.env.FALCON_CLOUD!,
  clientId: process.env.FALCON_CLIENT_ID!,
  clientSecret: process.env.FALCON_CLIENT_SECRET!,
});

const response = await client.dataProtectionConfiguration.entitiesCloudApplicationCreate(
  {
    description: "string",
    name: "string",
    urls: [{
        fqdn: "string",
        path: "string"
      }]
}  // body
);

console.log(response);

require "crimson-falcon"

Falcon.configure do |config|
  config.client_id = ENV["FALCON_CLIENT_ID"]
  config.client_secret = ENV["FALCON_CLIENT_SECRET"]
  config.cloud = ENV["FALCON_CLOUD"]
end

api = Falcon::DataProtectionConfiguration.new

body = Falcon::ApiCloudApplicationCreateRequestV1.new(
  description: 'string',
  name: 'string',
  urls: [{
      fqdn: 'string',
      path: 'string'
    }]
)

response = api.entities_cloud_application_create(body)

puts response

entities_cloud_application_patch

Update a cloud application.

PATCH /data-protection/entities/cloud-applications/v1

Scope Data Protection: WRITE Consumes · Produces application/json

PEP 8 update_cloud_application

Parameters

Name	Type	Data type	Description
id	query	string	The cloud app id to update.
body	body	dictionary	Full body payload in JSON format
description	body	string	The description of the cloud application.
name	body	string	The name of the cloud application.
urls	body	list of dictionaries	The fields contain the FQDN and the path.
parameters	query	dictionary	Full query string parameters payload in JSON format.

Code Examples

from falconpy import DataProtectionConfiguration

falcon = DataProtectionConfiguration(client_id=CLIENT_ID,
                                     client_secret=CLIENT_SECRET
                                     )

urls = [
    {
        "fqdn": "string",
        "path": "string"
    }
]

response = falcon.update_cloud_application(id="string",
                                           description="string",
                                           name="string",
                                           urls=urls)
print(response)

from falconpy import DataProtectionConfiguration

falcon = DataProtectionConfiguration(client_id=CLIENT_ID,
                                     client_secret=CLIENT_SECRET
                                     )

urls = [
    {
        "fqdn": "string",
        "path": "string"
    }
]

response = falcon.entities_cloud_application_patch(id="string",
                                                   description="string",
                                                   name="string",
                                                   urls=urls)
print(response)

from falconpy import APIHarnessV2

falcon = APIHarnessV2(client_id=CLIENT_ID,
                      client_secret=CLIENT_SECRET
                      )

body_payload = {
    "description": "string",
    "name": "string",
    "urls": [
        {
            "fqdn": "string",
            "path": "string"
        }
    ]
}

response = falcon.command("entities_cloud_application_patch",
                          id="string",
                          body=body_payload)
print(response)

package main

import (
  "context"
  "fmt"
  "os"

  "github.com/crowdstrike/gofalcon/falcon"
  "github.com/crowdstrike/gofalcon/falcon/client/data_protection_configuration"
  "github.com/crowdstrike/gofalcon/falcon/models"
)

func main() {
  client, err := falcon.NewClient(&falcon.ApiConfig{
    ClientId:     os.Getenv("FALCON_CLIENT_ID"),
    ClientSecret: os.Getenv("FALCON_CLIENT_SECRET"),
    Context:      context.Background(),
  })
  if err != nil {
    panic(err)
  }

  description := "string"
  name := "string"
  fqdn := "string"
  path := "string"

  response, err := client.DataProtectionConfiguration.EntitiesCloudApplicationPatch(
    &data_protection_configuration.EntitiesCloudApplicationPatchParams{
      Body: &models.APICloudApplicationUpdateRequestV1{
        Description: &description,
        Name: &name,
        Urls: []interface{}{
          {
          Fqdn: &fqdn,
          Path: &path,
          },
        },
      },
      ID: "string",
      Context: context.Background(),
    },
  )
  if err != nil {
    panic(falcon.ErrorExplain(err))
  }

  fmt.Printf("%+v\n", response.Payload)
}

import { FalconClient } from "crowdstrike-falcon";

const client = new FalconClient({
  cloud: process.env.FALCON_CLOUD!,
  clientId: process.env.FALCON_CLIENT_ID!,
  clientSecret: process.env.FALCON_CLIENT_SECRET!,
});

const response = await client.dataProtectionConfiguration.entitiesCloudApplicationPatch(
  "string",  // id
  {  // body
      description: "string",
      name: "string",
      urls: [{
          fqdn: "string",
          path: "string"
        }]
  }
);

console.log(response);

require "crimson-falcon"

Falcon.configure do |config|
  config.client_id = ENV["FALCON_CLIENT_ID"]
  config.client_secret = ENV["FALCON_CLIENT_SECRET"]
  config.cloud = ENV["FALCON_CLOUD"]
end

api = Falcon::DataProtectionConfiguration.new

body = Falcon::ApiCloudApplicationUpdateRequestV1.new(
  description: 'string',
  name: 'string',
  urls: [{
      fqdn: 'string',
      path: 'string'
    }]
)

response = api.entities_cloud_application_patch(body, 'string')

puts response

entities_cloud_application_delete

Delete cloud application.

DELETE /data-protection/entities/cloud-applications/v1

Scope Data Protection: WRITE Consumes · Produces application/json

PEP 8 delete_cloud_application

Parameters

Name	Type	Data type	Description
ids	query	list of strings	The id of the cloud application to delete.
parameters	query	dictionary	Full query string parameters payload in JSON format.

Code Examples

from falconpy import DataProtectionConfiguration

falcon = DataProtectionConfiguration(client_id=CLIENT_ID,
                                     client_secret=CLIENT_SECRET
                                     )

id_list = 'ID1,ID2,ID3'  # Can also pass a list here: ['ID1', 'ID2', 'ID3']

response = falcon.delete_cloud_application(ids=id_list)
print(response)

from falconpy import DataProtectionConfiguration

falcon = DataProtectionConfiguration(client_id=CLIENT_ID,
                                     client_secret=CLIENT_SECRET
                                     )

id_list = 'ID1,ID2,ID3'  # Can also pass a list here: ['ID1', 'ID2', 'ID3']

response = falcon.entities_cloud_application_delete(ids=id_list)
print(response)

from falconpy import APIHarnessV2

falcon = APIHarnessV2(client_id=CLIENT_ID,
                      client_secret=CLIENT_SECRET
                      )

id_list = 'ID1,ID2,ID3'  # Can also pass a list here: ['ID1', 'ID2', 'ID3']

response = falcon.command("entities_cloud_application_delete",
                          ids=id_list)
print(response)

package main

import (
  "context"
  "fmt"
  "os"

  "github.com/crowdstrike/gofalcon/falcon"
  "github.com/crowdstrike/gofalcon/falcon/client/data_protection_configuration"
)

func main() {
  client, err := falcon.NewClient(&falcon.ApiConfig{
    ClientId:     os.Getenv("FALCON_CLIENT_ID"),
    ClientSecret: os.Getenv("FALCON_CLIENT_SECRET"),
    Context:      context.Background(),
  })
  if err != nil {
    panic(err)
  }

  response, err := client.DataProtectionConfiguration.EntitiesCloudApplicationDelete(
    &data_protection_configuration.EntitiesCloudApplicationDeleteParams{
      Ids: []string{"ID1", "ID2", "ID3"},
      Context: context.Background(),
    },
  )
  if err != nil {
    panic(falcon.ErrorExplain(err))
  }

  fmt.Printf("%+v\n", response.Payload)
}

import { FalconClient } from "crowdstrike-falcon";

const client = new FalconClient({
  cloud: process.env.FALCON_CLOUD!,
  clientId: process.env.FALCON_CLIENT_ID!,
  clientSecret: process.env.FALCON_CLIENT_SECRET!,
});

const response = await client.dataProtectionConfiguration.entitiesCloudApplicationDelete(["ID1", "ID2", "ID3"]);  // ids

console.log(response);

require "crimson-falcon"

Falcon.configure do |config|
  config.client_id = ENV["FALCON_CLIENT_ID"]
  config.client_secret = ENV["FALCON_CLIENT_SECRET"]
  config.cloud = ENV["FALCON_CLOUD"]
end

api = Falcon::DataProtectionConfiguration.new

response = api.entities_cloud_application_delete(['ID1', 'ID2', 'ID3'])

puts response

entities_content_pattern_get

Get a particular content-pattern(s).

GET /data-protection/entities/content-patterns/v1

Scope Data Protection: READ Consumes · Produces application/json

PEP 8 get_content_pattern

Parameters

Name	Type	Data type	Description
ids	query	list of strings	The content-pattern id(s) to get.
parameters	query	dictionary	Full query string parameters payload in JSON format.

Code Examples

from falconpy import DataProtectionConfiguration

falcon = DataProtectionConfiguration(client_id=CLIENT_ID,
                                     client_secret=CLIENT_SECRET
                                     )

id_list = 'ID1,ID2,ID3'  # Can also pass a list here: ['ID1', 'ID2', 'ID3']

response = falcon.get_content_pattern(ids=id_list)
print(response)

from falconpy import DataProtectionConfiguration

falcon = DataProtectionConfiguration(client_id=CLIENT_ID,
                                     client_secret=CLIENT_SECRET
                                     )

id_list = 'ID1,ID2,ID3'  # Can also pass a list here: ['ID1', 'ID2', 'ID3']

response = falcon.entities_content_pattern_get(ids=id_list)
print(response)

from falconpy import APIHarnessV2

falcon = APIHarnessV2(client_id=CLIENT_ID,
                      client_secret=CLIENT_SECRET
                      )

id_list = 'ID1,ID2,ID3'  # Can also pass a list here: ['ID1', 'ID2', 'ID3']

response = falcon.command("entities_content_pattern_get",
                          ids=id_list)
print(response)

package main

import (
  "context"
  "fmt"
  "os"

  "github.com/crowdstrike/gofalcon/falcon"
  "github.com/crowdstrike/gofalcon/falcon/client/data_protection_configuration"
)

func main() {
  client, err := falcon.NewClient(&falcon.ApiConfig{
    ClientId:     os.Getenv("FALCON_CLIENT_ID"),
    ClientSecret: os.Getenv("FALCON_CLIENT_SECRET"),
    Context:      context.Background(),
  })
  if err != nil {
    panic(err)
  }

  response, err := client.DataProtectionConfiguration.EntitiesContentPatternGet(
    &data_protection_configuration.EntitiesContentPatternGetParams{
      Ids: []string{"ID1", "ID2", "ID3"},
      Context: context.Background(),
    },
  )
  if err != nil {
    panic(falcon.ErrorExplain(err))
  }

  fmt.Printf("%+v\n", response.Payload)
}

import { FalconClient } from "crowdstrike-falcon";

const client = new FalconClient({
  cloud: process.env.FALCON_CLOUD!,
  clientId: process.env.FALCON_CLIENT_ID!,
  clientSecret: process.env.FALCON_CLIENT_SECRET!,
});

const response = await client.dataProtectionConfiguration.entitiesContentPatternGet(["ID1", "ID2", "ID3"]);  // ids

console.log(response);

require "crimson-falcon"

Falcon.configure do |config|
  config.client_id = ENV["FALCON_CLIENT_ID"]
  config.client_secret = ENV["FALCON_CLIENT_SECRET"]
  config.cloud = ENV["FALCON_CLOUD"]
end

api = Falcon::DataProtectionConfiguration.new

response = api.entities_content_pattern_get(['ID1', 'ID2', 'ID3'])

puts response

entities_content_pattern_create

Persist the given content pattern for the provided entity instance.

POST /data-protection/entities/content-patterns/v1

Scope Data Protection: WRITE Consumes · Produces application/json

PEP 8 create_content_pattern

Parameters

Name	Type	Data type	Description
body	body	dictionary	Full body payload in JSON format
category	body	string	The content pattern category.
description	body	string	The description of the content pattern.
example	body	string	The new content pattern demonstration.
min_match_threshold	body	integer	Integer.
name	body	string	The name of the new content pattern.
regexes	body	list of strings	List of strings.
region	body	string	The region for the content pattern.

Code Examples

from falconpy import DataProtectionConfiguration

falcon = DataProtectionConfiguration(client_id=CLIENT_ID,
                                     client_secret=CLIENT_SECRET
                                     )

response = falcon.create_content_pattern(category="string",
                                         description="string",
                                         example="string",
                                         min_match_threshold=integer,
                                         name="string",
                                         regexes=["string"],
                                         region="string")
print(response)

from falconpy import DataProtectionConfiguration

falcon = DataProtectionConfiguration(client_id=CLIENT_ID,
                                     client_secret=CLIENT_SECRET
                                     )

response = falcon.entities_content_pattern_create(category="string",
                                                  description="string",
                                                  example="string",
                                                  min_match_threshold=integer,
                                                  name="string",
                                                  regexes=["string"],
                                                  region="string")
print(response)

from falconpy import APIHarnessV2

falcon = APIHarnessV2(client_id=CLIENT_ID,
                      client_secret=CLIENT_SECRET
                      )

body_payload = {
    "category": "string",
    "description": "string",
    "example": "string",
    "min_match_threshold": integer,
    "name": "string",
    "regexes": ["string"],
    "region": "string"
}

response = falcon.command("entities_content_pattern_create", body=body_payload)
print(response)

package main

import (
  "context"
  "fmt"
  "os"

  "github.com/crowdstrike/gofalcon/falcon"
  "github.com/crowdstrike/gofalcon/falcon/client/data_protection_configuration"
  "github.com/crowdstrike/gofalcon/falcon/models"
)

func main() {
  client, err := falcon.NewClient(&falcon.ApiConfig{
    ClientId:     os.Getenv("FALCON_CLIENT_ID"),
    ClientSecret: os.Getenv("FALCON_CLIENT_SECRET"),
    Context:      context.Background(),
  })
  if err != nil {
    panic(err)
  }

  category := "string"
  description := "string"
  example := "string"
  min_match_threshold := integer
  name := "string"
  region := "string"

  response, err := client.DataProtectionConfiguration.EntitiesContentPatternCreate(
    &data_protection_configuration.EntitiesContentPatternCreateParams{
      Body: &models.APIContentPatternCreateRequestV1{
        Category: &category,
        Description: &description,
        Example: &example,
        MinMatchThreshold: &min_match_threshold,
        Name: &name,
        Regexes: []string{"string"},
        Region: &region,
      },
      Context: context.Background(),
    },
  )
  if err != nil {
    panic(falcon.ErrorExplain(err))
  }

  fmt.Printf("%+v\n", response.Payload)
}

import { FalconClient } from "crowdstrike-falcon";

const client = new FalconClient({
  cloud: process.env.FALCON_CLOUD!,
  clientId: process.env.FALCON_CLIENT_ID!,
  clientSecret: process.env.FALCON_CLIENT_SECRET!,
});

const response = await client.dataProtectionConfiguration.entitiesContentPatternCreate(
  {
    category: "string",
    description: "string",
    example: "string",
    minMatchThreshold: integer,
    name: "string",
    regexes: [],
    region: "string"
}  // body
);

console.log(response);

require "crimson-falcon"

Falcon.configure do |config|
  config.client_id = ENV["FALCON_CLIENT_ID"]
  config.client_secret = ENV["FALCON_CLIENT_SECRET"]
  config.cloud = ENV["FALCON_CLOUD"]
end

api = Falcon::DataProtectionConfiguration.new

body = Falcon::ApiContentPatternCreateRequestV1.new(
  category: 'string',
  description: 'string',
  example: 'string',
  min_match_threshold: integer,
  name: 'string',
  regexes: [],
  region: 'string'
)

response = api.entities_content_pattern_create(body)

puts response

entities_content_pattern_patch

Update a content pattern.

PATCH /data-protection/entities/content-patterns/v1

Scope Data Protection: WRITE Consumes · Produces application/json

PEP 8 update_content_pattern

Parameters

Name	Type	Data type	Description
id	query	string	The id of the content pattern to patch.
body	body	dictionary	Full body payload in JSON format
category	body	string	The content pattern category.
description	body	string	The description of the content pattern.
example	body	string	The new content pattern demonstration.
min_match_threshold	body	integer	Integer.
name	body	string	The name of the new content pattern.
regexes	body	list of strings	List of strings.
region	body	string	The region for the content pattern.
parameters	query	dictionary	Full query string parameters payload in JSON format.

Code Examples

from falconpy import DataProtectionConfiguration

falcon = DataProtectionConfiguration(client_id=CLIENT_ID,
                                     client_secret=CLIENT_SECRET
                                     )

response = falcon.update_content_pattern(id="string",
                                         category="string",
                                         description="string",
                                         example="string",
                                         min_match_threshold=integer,
                                         name="string",
                                         regexes=["string"],
                                         region="string")
print(response)

from falconpy import DataProtectionConfiguration

falcon = DataProtectionConfiguration(client_id=CLIENT_ID,
                                     client_secret=CLIENT_SECRET
                                     )

response = falcon.entities_content_pattern_patch(id="string",
                                                 category="string",
                                                 description="string",
                                                 example="string",
                                                 min_match_threshold=integer,
                                                 name="string",
                                                 regexes=["string"],
                                                 region="string")
print(response)

from falconpy import APIHarnessV2

falcon = APIHarnessV2(client_id=CLIENT_ID,
                      client_secret=CLIENT_SECRET
                      )

body_payload = {
    "description": "string",
    "example": "string",
    "id": "string",
    "min_match_threshold": integer,
    "name": "string",
    "regexes": ["string"]
}

response = falcon.command("entities_content_pattern_patch",
                          id="string",
                          body=body_payload)
print(response)

package main

import (
  "context"
  "fmt"
  "os"

  "github.com/crowdstrike/gofalcon/falcon"
  "github.com/crowdstrike/gofalcon/falcon/client/data_protection_configuration"
  "github.com/crowdstrike/gofalcon/falcon/models"
)

func main() {
  client, err := falcon.NewClient(&falcon.ApiConfig{
    ClientId:     os.Getenv("FALCON_CLIENT_ID"),
    ClientSecret: os.Getenv("FALCON_CLIENT_SECRET"),
    Context:      context.Background(),
  })
  if err != nil {
    panic(err)
  }

  description := "string"
  example := "string"
  id := "string"
  min_match_threshold := integer
  name := "string"

  response, err := client.DataProtectionConfiguration.EntitiesContentPatternPatch(
    &data_protection_configuration.EntitiesContentPatternPatchParams{
      Body: &models.APIContentPatternUpdateRequestV1{
        Description: &description,
        Example: &example,
        ID: &id,
        MinMatchThreshold: &min_match_threshold,
        Name: &name,
        Regexes: []string{"string"},
      },
      ID: "string",
      Context: context.Background(),
    },
  )
  if err != nil {
    panic(falcon.ErrorExplain(err))
  }

  fmt.Printf("%+v\n", response.Payload)
}

import { FalconClient } from "crowdstrike-falcon";

const client = new FalconClient({
  cloud: process.env.FALCON_CLOUD!,
  clientId: process.env.FALCON_CLIENT_ID!,
  clientSecret: process.env.FALCON_CLIENT_SECRET!,
});

const response = await client.dataProtectionConfiguration.entitiesContentPatternPatch(
  "string",  // id
  {  // body
      description: "string",
      example: "string",
      id: "string",
      minMatchThreshold: integer,
      name: "string",
      regexes: []
  }
);

console.log(response);

require "crimson-falcon"

Falcon.configure do |config|
  config.client_id = ENV["FALCON_CLIENT_ID"]
  config.client_secret = ENV["FALCON_CLIENT_SECRET"]
  config.cloud = ENV["FALCON_CLOUD"]
end

api = Falcon::DataProtectionConfiguration.new

body = Falcon::ApiContentPatternUpdateRequestV1.new(
  description: 'string',
  example: 'string',
  id: 'string',
  min_match_threshold: integer,
  name: 'string',
  regexes: []
)

response = api.entities_content_pattern_patch(body, 'string')

puts response

entities_content_pattern_delete

Delete content pattern.

DELETE /data-protection/entities/content-patterns/v1

Scope Data Protection: WRITE Consumes · Produces application/json

PEP 8 delete_content_pattern

Parameters

Name	Type	Data type	Description
ids	query	list of strings	The id(s) of the content pattern to delete.
parameters	query	dictionary	Full query string parameters payload in JSON format.

Code Examples

from falconpy import DataProtectionConfiguration

falcon = DataProtectionConfiguration(client_id=CLIENT_ID,
                                     client_secret=CLIENT_SECRET
                                     )

id_list = 'ID1,ID2,ID3'  # Can also pass a list here: ['ID1', 'ID2', 'ID3']

response = falcon.delete_content_pattern(ids=id_list)
print(response)

from falconpy import DataProtectionConfiguration

falcon = DataProtectionConfiguration(client_id=CLIENT_ID,
                                     client_secret=CLIENT_SECRET
                                     )

id_list = 'ID1,ID2,ID3'  # Can also pass a list here: ['ID1', 'ID2', 'ID3']

response = falcon.entities_content_pattern_delete(ids=id_list)
print(response)

from falconpy import APIHarnessV2

falcon = APIHarnessV2(client_id=CLIENT_ID,
                      client_secret=CLIENT_SECRET
                      )

id_list = 'ID1,ID2,ID3'  # Can also pass a list here: ['ID1', 'ID2', 'ID3']

response = falcon.command("entities_content_pattern_delete",
                          ids=id_list)
print(response)

package main

import (
  "context"
  "fmt"
  "os"

  "github.com/crowdstrike/gofalcon/falcon"
  "github.com/crowdstrike/gofalcon/falcon/client/data_protection_configuration"
)

func main() {
  client, err := falcon.NewClient(&falcon.ApiConfig{
    ClientId:     os.Getenv("FALCON_CLIENT_ID"),
    ClientSecret: os.Getenv("FALCON_CLIENT_SECRET"),
    Context:      context.Background(),
  })
  if err != nil {
    panic(err)
  }

  response, err := client.DataProtectionConfiguration.EntitiesContentPatternDelete(
    &data_protection_configuration.EntitiesContentPatternDeleteParams{
      Ids: []string{"ID1", "ID2", "ID3"},
      Context: context.Background(),
    },
  )
  if err != nil {
    panic(falcon.ErrorExplain(err))
  }

  fmt.Printf("%+v\n", response.Payload)
}

import { FalconClient } from "crowdstrike-falcon";

const client = new FalconClient({
  cloud: process.env.FALCON_CLOUD!,
  clientId: process.env.FALCON_CLIENT_ID!,
  clientSecret: process.env.FALCON_CLIENT_SECRET!,
});

const response = await client.dataProtectionConfiguration.entitiesContentPatternDelete(["ID1", "ID2", "ID3"]);  // ids

console.log(response);

require "crimson-falcon"

Falcon.configure do |config|
  config.client_id = ENV["FALCON_CLIENT_ID"]
  config.client_secret = ENV["FALCON_CLIENT_SECRET"]
  config.cloud = ENV["FALCON_CLOUD"]
end

api = Falcon::DataProtectionConfiguration.new

response = api.entities_content_pattern_delete(['ID1', 'ID2', 'ID3'])

puts response

entities_policy_precedence_post_v1

Update Policy Precedence.

POST /data-protection/entities/data-protection-precedence/v1

Scope Data Protection: WRITE Consumes · Produces application/json

PEP 8 update_policy_precedence

Parameters

Name	Type	Data type	Description
body	body	dictionary	Full body payload in JSON format
platform	body	string	The platform for the policy precedence update (e.g., ‘win’ or ‘mac’).
precedence	body	list of strings	Ordered list of policy IDs defining the precedence order.

Code Examples

from falconpy import DataProtectionConfiguration

falcon = DataProtectionConfiguration(client_id=CLIENT_ID,
                                     client_secret=CLIENT_SECRET
                                     )

response = falcon.update_policy_precedence(platform="string",
                                           precedence=["string"])
print(response)

from falconpy import DataProtectionConfiguration

falcon = DataProtectionConfiguration(client_id=CLIENT_ID,
                                     client_secret=CLIENT_SECRET
                                     )

response = falcon.entities_policy_precedence_post_v1(platform="string",
                                                     precedence=["string"])
print(response)

from falconpy import APIHarnessV2

falcon = APIHarnessV2(client_id=CLIENT_ID,
                      client_secret=CLIENT_SECRET
                      )

body_payload = {
    "resources": [
        {
            "platform": "string",
            "precedence": ["string"]
        }
    ]
}

response = falcon.command("entities_policy_precedence_post_v1", body=body_payload)
print(response)

package main

import (
  "context"
  "fmt"
  "os"

  "github.com/crowdstrike/gofalcon/falcon"
  "github.com/crowdstrike/gofalcon/falcon/client/data_protection_configuration"
  "github.com/crowdstrike/gofalcon/falcon/models"
)

func main() {
  client, err := falcon.NewClient(&falcon.ApiConfig{
    ClientId:     os.Getenv("FALCON_CLIENT_ID"),
    ClientSecret: os.Getenv("FALCON_CLIENT_SECRET"),
    Context:      context.Background(),
  })
  if err != nil {
    panic(err)
  }

  platform := "string"

  response, err := client.DataProtectionConfiguration.EntitiesPolicyPrecedencePostV1(
    &data_protection_configuration.EntitiesPolicyPrecedencePostV1Params{
      Body: &models.PolicymanagerPoliciesPrecedence{
        Resources: []interface{}{
          {
          Platform: &platform,
          Precedence: []string{"string"},
          },
        },
      },
      Context: context.Background(),
    },
  )
  if err != nil {
    panic(falcon.ErrorExplain(err))
  }

  fmt.Printf("%+v\n", response.Payload)
}

import { FalconClient } from "crowdstrike-falcon";

const client = new FalconClient({
  cloud: process.env.FALCON_CLOUD!,
  clientId: process.env.FALCON_CLIENT_ID!,
  clientSecret: process.env.FALCON_CLIENT_SECRET!,
});

const response = await client.dataProtectionConfiguration.entitiesPolicyPrecedencePostV1(
  {
    resources: [{
        platform: "string",
        precedence: []
      }]
}  // body
);

console.log(response);

entities_enterprise_account_get

Get a particular enterprise-account(s).

GET /data-protection/entities/enterprise-accounts/v1

Scope Data Protection: READ Consumes · Produces application/json

PEP 8 get_enterprise_account

Parameters

Name	Type	Data type	Description
ids	query	list of strings	The enterprise-account id(s) to get.
parameters	query	dictionary	Full query string parameters payload in JSON format.

Code Examples

from falconpy import DataProtectionConfiguration

falcon = DataProtectionConfiguration(client_id=CLIENT_ID,
                                     client_secret=CLIENT_SECRET
                                     )

id_list = 'ID1,ID2,ID3'  # Can also pass a list here: ['ID1', 'ID2', 'ID3']

response = falcon.get_enterprise_account(ids=id_list)
print(response)

from falconpy import DataProtectionConfiguration

falcon = DataProtectionConfiguration(client_id=CLIENT_ID,
                                     client_secret=CLIENT_SECRET
                                     )

id_list = 'ID1,ID2,ID3'  # Can also pass a list here: ['ID1', 'ID2', 'ID3']

response = falcon.entities_enterprise_account_get(ids=id_list)
print(response)

from falconpy import APIHarnessV2

falcon = APIHarnessV2(client_id=CLIENT_ID,
                      client_secret=CLIENT_SECRET
                      )

id_list = 'ID1,ID2,ID3'  # Can also pass a list here: ['ID1', 'ID2', 'ID3']

response = falcon.command("entities_enterprise_account_get",
                          ids=id_list)
print(response)

package main

import (
  "context"
  "fmt"
  "os"

  "github.com/crowdstrike/gofalcon/falcon"
  "github.com/crowdstrike/gofalcon/falcon/client/data_protection_configuration"
)

func main() {
  client, err := falcon.NewClient(&falcon.ApiConfig{
    ClientId:     os.Getenv("FALCON_CLIENT_ID"),
    ClientSecret: os.Getenv("FALCON_CLIENT_SECRET"),
    Context:      context.Background(),
  })
  if err != nil {
    panic(err)
  }

  response, err := client.DataProtectionConfiguration.EntitiesEnterpriseAccountGet(
    &data_protection_configuration.EntitiesEnterpriseAccountGetParams{
      Ids: []string{"ID1", "ID2", "ID3"},
      Context: context.Background(),
    },
  )
  if err != nil {
    panic(falcon.ErrorExplain(err))
  }

  fmt.Printf("%+v\n", response.Payload)
}

import { FalconClient } from "crowdstrike-falcon";

const client = new FalconClient({
  cloud: process.env.FALCON_CLOUD!,
  clientId: process.env.FALCON_CLIENT_ID!,
  clientSecret: process.env.FALCON_CLIENT_SECRET!,
});

const response = await client.dataProtectionConfiguration.entitiesEnterpriseAccountGet(["ID1", "ID2", "ID3"]);  // ids

console.log(response);

require "crimson-falcon"

Falcon.configure do |config|
  config.client_id = ENV["FALCON_CLIENT_ID"]
  config.client_secret = ENV["FALCON_CLIENT_SECRET"]
  config.cloud = ENV["FALCON_CLOUD"]
end

api = Falcon::DataProtectionConfiguration.new

response = api.entities_enterprise_account_get(['ID1', 'ID2', 'ID3'])

puts response

entities_enterprise_account_create

Persist the given enterprise account for the provided entity instance.

POST /data-protection/entities/enterprise-accounts/v1

Scope Data Protection: WRITE Consumes · Produces application/json

PEP 8 create_enterprise_account

Parameters

Name	Type	Data type	Description
body	body	dictionary	Full body payload in JSON format
application_group_id	body	string	String.
domains	body	list of strings	List of strings.
name	body	string	The name of the enterprise account.
plugin_config_id	body	string	String.

Code Examples

from falconpy import DataProtectionConfiguration

falcon = DataProtectionConfiguration(client_id=CLIENT_ID,
                                     client_secret=CLIENT_SECRET
                                     )

response = falcon.create_enterprise_account(application_group_id="string",
                                            domains=["string"],
                                            name="string",
                                            plugin_config_id="string")
print(response)

from falconpy import DataProtectionConfiguration

falcon = DataProtectionConfiguration(client_id=CLIENT_ID,
                                     client_secret=CLIENT_SECRET
                                     )

response = falcon.entities_enterprise_account_create(application_group_id="string",
                                                     domains=["string"],
                                                     name="string",
                                                     plugin_config_id="string")
print(response)

from falconpy import APIHarnessV2

falcon = APIHarnessV2(client_id=CLIENT_ID,
                      client_secret=CLIENT_SECRET
                      )

body_payload = {
    "application_group_id": "string",
    "domains": ["string"],
    "name": "string",
    "plugin_config_id": "string"
}

response = falcon.command("entities_enterprise_account_create", body=body_payload)
print(response)

package main

import (
  "context"
  "fmt"
  "os"

  "github.com/crowdstrike/gofalcon/falcon"
  "github.com/crowdstrike/gofalcon/falcon/client/data_protection_configuration"
  "github.com/crowdstrike/gofalcon/falcon/models"
)

func main() {
  client, err := falcon.NewClient(&falcon.ApiConfig{
    ClientId:     os.Getenv("FALCON_CLIENT_ID"),
    ClientSecret: os.Getenv("FALCON_CLIENT_SECRET"),
    Context:      context.Background(),
  })
  if err != nil {
    panic(err)
  }

  application_group_id := "string"
  name := "string"
  plugin_config_id := "string"

  response, err := client.DataProtectionConfiguration.EntitiesEnterpriseAccountCreate(
    &data_protection_configuration.EntitiesEnterpriseAccountCreateParams{
      Body: &models.APIEnterpriseAccountCreateRequestV1{
        ApplicationGroupID: &application_group_id,
        Domains: []string{"string"},
        Name: &name,
        PluginConfigID: &plugin_config_id,
      },
      Context: context.Background(),
    },
  )
  if err != nil {
    panic(falcon.ErrorExplain(err))
  }

  fmt.Printf("%+v\n", response.Payload)
}

import { FalconClient } from "crowdstrike-falcon";

const client = new FalconClient({
  cloud: process.env.FALCON_CLOUD!,
  clientId: process.env.FALCON_CLIENT_ID!,
  clientSecret: process.env.FALCON_CLIENT_SECRET!,
});

const response = await client.dataProtectionConfiguration.entitiesEnterpriseAccountCreate(
  {
    applicationGroupId: "string",
    domains: [],
    name: "string",
    pluginConfigId: "string"
}  // body
);

console.log(response);

require "crimson-falcon"

Falcon.configure do |config|
  config.client_id = ENV["FALCON_CLIENT_ID"]
  config.client_secret = ENV["FALCON_CLIENT_SECRET"]
  config.cloud = ENV["FALCON_CLOUD"]
end

api = Falcon::DataProtectionConfiguration.new

body = Falcon::ApiEnterpriseAccountCreateRequestV1.new(
  application_group_id: 'string',
  domains: [],
  name: 'string',
  plugin_config_id: 'string'
)

response = api.entities_enterprise_account_create(body)

puts response

entities_enterprise_account_patch

Update a enterprise account.

PATCH /data-protection/entities/enterprise-accounts/v1

Scope Data Protection: WRITE Consumes · Produces application/json

PEP 8 update_enterprise_account

Parameters

Name	Type	Data type	Description
id	query	string	The id of the enterprise account to update.
body	body	dictionary	Full body payload in JSON format
application_group_id	body	string	String.
domains	body	list of strings	List of strings.
name	body	string	The name of the enterprise account.
plugin_config_id	body	string	String.
parameters	query	dictionary	Full query string parameters payload in JSON format.

Code Examples

from falconpy import DataProtectionConfiguration

falcon = DataProtectionConfiguration(client_id=CLIENT_ID,
                                     client_secret=CLIENT_SECRET
                                     )

response = falcon.update_enterprise_account(id="string",
                                            application_group_id="string",
                                            domains=["string"],
                                            name="string",
                                            plugin_config_id="string")
print(response)

from falconpy import DataProtectionConfiguration

falcon = DataProtectionConfiguration(client_id=CLIENT_ID,
                                     client_secret=CLIENT_SECRET
                                     )

response = falcon.entities_enterprise_account_patch(id="string",
                                                    application_group_id="string",
                                                    domains=["string"],
                                                    name="string",
                                                    plugin_config_id="string")
print(response)

from falconpy import APIHarnessV2

falcon = APIHarnessV2(client_id=CLIENT_ID,
                      client_secret=CLIENT_SECRET
                      )

body_payload = {
    "domains": ["string"],
    "id": "string",
    "name": "string"
}

response = falcon.command("entities_enterprise_account_patch",
                          id="string",
                          body=body_payload)
print(response)

package main

import (
  "context"
  "fmt"
  "os"

  "github.com/crowdstrike/gofalcon/falcon"
  "github.com/crowdstrike/gofalcon/falcon/client/data_protection_configuration"
  "github.com/crowdstrike/gofalcon/falcon/models"
)

func main() {
  client, err := falcon.NewClient(&falcon.ApiConfig{
    ClientId:     os.Getenv("FALCON_CLIENT_ID"),
    ClientSecret: os.Getenv("FALCON_CLIENT_SECRET"),
    Context:      context.Background(),
  })
  if err != nil {
    panic(err)
  }

  id := "string"
  name := "string"

  response, err := client.DataProtectionConfiguration.EntitiesEnterpriseAccountPatch(
    &data_protection_configuration.EntitiesEnterpriseAccountPatchParams{
      Body: &models.APIEnterpriseAccountUpdateRequestV1{
        Domains: []string{"string"},
        ID: &id,
        Name: &name,
      },
      ID: "string",
      Context: context.Background(),
    },
  )
  if err != nil {
    panic(falcon.ErrorExplain(err))
  }

  fmt.Printf("%+v\n", response.Payload)
}

import { FalconClient } from "crowdstrike-falcon";

const client = new FalconClient({
  cloud: process.env.FALCON_CLOUD!,
  clientId: process.env.FALCON_CLIENT_ID!,
  clientSecret: process.env.FALCON_CLIENT_SECRET!,
});

const response = await client.dataProtectionConfiguration.entitiesEnterpriseAccountPatch(
  "string",  // id
  {  // body
      domains: [],
      id: "string",
      name: "string"
  }
);

console.log(response);

require "crimson-falcon"

Falcon.configure do |config|
  config.client_id = ENV["FALCON_CLIENT_ID"]
  config.client_secret = ENV["FALCON_CLIENT_SECRET"]
  config.cloud = ENV["FALCON_CLOUD"]
end

api = Falcon::DataProtectionConfiguration.new

body = Falcon::ApiEnterpriseAccountUpdateRequestV1.new(
  domains: [],
  id: 'string',
  name: 'string'
)

response = api.entities_enterprise_account_patch(body, 'string')

puts response

entities_enterprise_account_delete

Delete enterprise account.

DELETE /data-protection/entities/enterprise-accounts/v1

Scope Data Protection: WRITE Consumes · Produces application/json

PEP 8 delete_enterprise_account

Parameters

Name	Type	Data type	Description
ids	query	list of strings	The id of the enterprise account to delete.
parameters	query	dictionary	Full query string parameters payload in JSON format.

Code Examples

from falconpy import DataProtectionConfiguration

falcon = DataProtectionConfiguration(client_id=CLIENT_ID,
                                     client_secret=CLIENT_SECRET
                                     )

id_list = 'ID1,ID2,ID3'  # Can also pass a list here: ['ID1', 'ID2', 'ID3']

response = falcon.delete_enterprise_account(ids=id_list)
print(response)

from falconpy import DataProtectionConfiguration

falcon = DataProtectionConfiguration(client_id=CLIENT_ID,
                                     client_secret=CLIENT_SECRET
                                     )

id_list = 'ID1,ID2,ID3'  # Can also pass a list here: ['ID1', 'ID2', 'ID3']

response = falcon.entities_enterprise_account_delete(ids=id_list)
print(response)

from falconpy import APIHarnessV2

falcon = APIHarnessV2(client_id=CLIENT_ID,
                      client_secret=CLIENT_SECRET
                      )

id_list = 'ID1,ID2,ID3'  # Can also pass a list here: ['ID1', 'ID2', 'ID3']

response = falcon.command("entities_enterprise_account_delete",
                          ids=id_list)
print(response)

package main

import (
  "context"
  "fmt"
  "os"

  "github.com/crowdstrike/gofalcon/falcon"
  "github.com/crowdstrike/gofalcon/falcon/client/data_protection_configuration"
)

func main() {
  client, err := falcon.NewClient(&falcon.ApiConfig{
    ClientId:     os.Getenv("FALCON_CLIENT_ID"),
    ClientSecret: os.Getenv("FALCON_CLIENT_SECRET"),
    Context:      context.Background(),
  })
  if err != nil {
    panic(err)
  }

  response, err := client.DataProtectionConfiguration.EntitiesEnterpriseAccountDelete(
    &data_protection_configuration.EntitiesEnterpriseAccountDeleteParams{
      Ids: []string{"ID1", "ID2", "ID3"},
      Context: context.Background(),
    },
  )
  if err != nil {
    panic(falcon.ErrorExplain(err))
  }

  fmt.Printf("%+v\n", response.Payload)
}

import { FalconClient } from "crowdstrike-falcon";

const client = new FalconClient({
  cloud: process.env.FALCON_CLOUD!,
  clientId: process.env.FALCON_CLIENT_ID!,
  clientSecret: process.env.FALCON_CLIENT_SECRET!,
});

const response = await client.dataProtectionConfiguration.entitiesEnterpriseAccountDelete(["ID1", "ID2", "ID3"]);  // ids

console.log(response);

require "crimson-falcon"

Falcon.configure do |config|
  config.client_id = ENV["FALCON_CLIENT_ID"]
  config.client_secret = ENV["FALCON_CLIENT_SECRET"]
  config.cloud = ENV["FALCON_CLOUD"]
end

api = Falcon::DataProtectionConfiguration.new

response = api.entities_enterprise_account_delete(['ID1', 'ID2', 'ID3'])

puts response

entities_file_type_get

Get a particular file-type.

GET /data-protection/entities/file-types/v1

Scope Data Protection: READ Consumes · Produces application/json

PEP 8 get_file_type

Parameters

Name	Type	Data type	Description
ids	query	list of strings	The file-type id(s) to get.
parameters	query	dictionary	Full query string parameters payload in JSON format.

Code Examples

from falconpy import DataProtectionConfiguration

falcon = DataProtectionConfiguration(client_id=CLIENT_ID,
                                     client_secret=CLIENT_SECRET
                                     )

id_list = 'ID1,ID2,ID3'  # Can also pass a list here: ['ID1', 'ID2', 'ID3']

response = falcon.get_file_type(ids=id_list)
print(response)

from falconpy import DataProtectionConfiguration

falcon = DataProtectionConfiguration(client_id=CLIENT_ID,
                                     client_secret=CLIENT_SECRET
                                     )

id_list = 'ID1,ID2,ID3'  # Can also pass a list here: ['ID1', 'ID2', 'ID3']

response = falcon.entities_file_type_get(ids=id_list)
print(response)

from falconpy import APIHarnessV2

falcon = APIHarnessV2(client_id=CLIENT_ID,
                      client_secret=CLIENT_SECRET
                      )

id_list = 'ID1,ID2,ID3'  # Can also pass a list here: ['ID1', 'ID2', 'ID3']

response = falcon.command("entities_file_type_get",
                          ids=id_list)
print(response)

package main

import (
  "context"
  "fmt"
  "os"

  "github.com/crowdstrike/gofalcon/falcon"
  "github.com/crowdstrike/gofalcon/falcon/client/data_protection_configuration"
)

func main() {
  client, err := falcon.NewClient(&falcon.ApiConfig{
    ClientId:     os.Getenv("FALCON_CLIENT_ID"),
    ClientSecret: os.Getenv("FALCON_CLIENT_SECRET"),
    Context:      context.Background(),
  })
  if err != nil {
    panic(err)
  }

  response, err := client.DataProtectionConfiguration.EntitiesFileTypeGet(
    &data_protection_configuration.EntitiesFileTypeGetParams{
      Ids: []string{"ID1", "ID2", "ID3"},
      Context: context.Background(),
    },
  )
  if err != nil {
    panic(falcon.ErrorExplain(err))
  }

  fmt.Printf("%+v\n", response.Payload)
}

import { FalconClient } from "crowdstrike-falcon";

const client = new FalconClient({
  cloud: process.env.FALCON_CLOUD!,
  clientId: process.env.FALCON_CLIENT_ID!,
  clientSecret: process.env.FALCON_CLIENT_SECRET!,
});

const response = await client.dataProtectionConfiguration.entitiesFileTypeGet(["ID1", "ID2", "ID3"]);  // ids

console.log(response);

require "crimson-falcon"

Falcon.configure do |config|
  config.client_id = ENV["FALCON_CLIENT_ID"]
  config.client_secret = ENV["FALCON_CLIENT_SECRET"]
  config.cloud = ENV["FALCON_CLOUD"]
end

api = Falcon::DataProtectionConfiguration.new

response = api.entities_file_type_get(['ID1', 'ID2', 'ID3'])

puts response

entities_sensitivity_label_get_v2

Get sensitivity label matching the IDs (V2).

GET /data-protection/entities/labels/v2

Scope Data Protection: READ Consumes · Produces application/json

PEP 8 get_sensitivity_label

Parameters

Name	Type	Data type	Description
ids	query	list of strings	The sensitivity label entity id(s) to get.
parameters	query	dictionary	Full query string parameters payload in JSON format.

Code Examples

from falconpy import DataProtectionConfiguration

falcon = DataProtectionConfiguration(client_id=CLIENT_ID,
                                     client_secret=CLIENT_SECRET
                                     )

id_list = 'ID1,ID2,ID3'  # Can also pass a list here: ['ID1', 'ID2', 'ID3']

response = falcon.get_sensitivity_label(ids=id_list)
print(response)

from falconpy import DataProtectionConfiguration

falcon = DataProtectionConfiguration(client_id=CLIENT_ID,
                                     client_secret=CLIENT_SECRET
                                     )

id_list = 'ID1,ID2,ID3'  # Can also pass a list here: ['ID1', 'ID2', 'ID3']

response = falcon.entities_sensitivity_label_get_v2(ids=id_list)
print(response)

from falconpy import APIHarnessV2

falcon = APIHarnessV2(client_id=CLIENT_ID,
                      client_secret=CLIENT_SECRET
                      )

id_list = 'ID1,ID2,ID3'  # Can also pass a list here: ['ID1', 'ID2', 'ID3']

response = falcon.command("entities_sensitivity_label_get_v2",
                          ids=id_list)
print(response)

package main

import (
  "context"
  "fmt"
  "os"

  "github.com/crowdstrike/gofalcon/falcon"
  "github.com/crowdstrike/gofalcon/falcon/client/data_protection_configuration"
)

func main() {
  client, err := falcon.NewClient(&falcon.ApiConfig{
    ClientId:     os.Getenv("FALCON_CLIENT_ID"),
    ClientSecret: os.Getenv("FALCON_CLIENT_SECRET"),
    Context:      context.Background(),
  })
  if err != nil {
    panic(err)
  }

  response, err := client.DataProtectionConfiguration.EntitiesSensitivityLabelGetV2(
    &data_protection_configuration.EntitiesSensitivityLabelGetV2Params{
      Ids: []string{"ID1", "ID2", "ID3"},
      Context: context.Background(),
    },
  )
  if err != nil {
    panic(falcon.ErrorExplain(err))
  }

  fmt.Printf("%+v\n", response.Payload)
}

import { FalconClient } from "crowdstrike-falcon";

const client = new FalconClient({
  cloud: process.env.FALCON_CLOUD!,
  clientId: process.env.FALCON_CLIENT_ID!,
  clientSecret: process.env.FALCON_CLIENT_SECRET!,
});

const response = await client.dataProtectionConfiguration.entitiesSensitivityLabelGetV2(["ID1", "ID2", "ID3"]);  // ids

console.log(response);

require "crimson-falcon"

Falcon.configure do |config|
  config.client_id = ENV["FALCON_CLIENT_ID"]
  config.client_secret = ENV["FALCON_CLIENT_SECRET"]
  config.cloud = ENV["FALCON_CLOUD"]
end

api = Falcon::DataProtectionConfiguration.new

response = api.entities_sensitivity_label_get_v2(['ID1', 'ID2', 'ID3'])

puts response

entities_sensitivity_label_create_v2

Create new sensitivity label (V2).

POST /data-protection/entities/labels/v2

Scope Data Protection: WRITE Consumes · Produces application/json

PEP 8 create_sensitivity_label

Parameters

Name	Type	Data type	Description
body	body	dictionary	Full body payload in JSON format
co_authoring	body	boolean	Boolean.
display_name	body	string	String.
external_id	body	string	String.
label_provider	body	string	String.
name	body	string	The name of the new sensitivity label.
plugins_configuration_id	body	string	String.
synced	body	boolean	Boolean.

Code Examples

from falconpy import DataProtectionConfiguration

falcon = DataProtectionConfiguration(client_id=CLIENT_ID,
                                     client_secret=CLIENT_SECRET
                                     )

response = falcon.create_sensitivity_label(co_authoring=boolean,
                                           display_name="string",
                                           external_id="string",
                                           label_provider="string",
                                           name="string",
                                           plugins_configuration_id="string",
                                           synced=boolean)
print(response)

from falconpy import DataProtectionConfiguration

falcon = DataProtectionConfiguration(client_id=CLIENT_ID,
                                     client_secret=CLIENT_SECRET
                                     )

response = falcon.entities_sensitivity_label_create_v2(co_authoring=boolean,
                                                       display_name="string",
                                                       external_id="string",
                                                       label_provider="string",
                                                       name="string",
                                                       plugins_configuration_id="string",
                                                       synced=boolean)
print(response)

from falconpy import APIHarnessV2

falcon = APIHarnessV2(client_id=CLIENT_ID,
                      client_secret=CLIENT_SECRET
                      )

body_payload = {
    "co_authoring": boolean,
    "display_name": "string",
    "external_id": "string",
    "label_provider": "string",
    "name": "string",
    "plugins_configuration_id": "string",
    "synced": boolean
}

response = falcon.command("entities_sensitivity_label_create_v2", body=body_payload)
print(response)

package main

import (
  "context"
  "fmt"
  "os"

  "github.com/crowdstrike/gofalcon/falcon"
  "github.com/crowdstrike/gofalcon/falcon/client/data_protection_configuration"
  "github.com/crowdstrike/gofalcon/falcon/models"
)

func main() {
  client, err := falcon.NewClient(&falcon.ApiConfig{
    ClientId:     os.Getenv("FALCON_CLIENT_ID"),
    ClientSecret: os.Getenv("FALCON_CLIENT_SECRET"),
    Context:      context.Background(),
  })
  if err != nil {
    panic(err)
  }

  co_authoring := boolean
  display_name := "string"
  external_id := "string"
  label_provider := "string"
  name := "string"
  plugins_configuration_id := "string"
  synced := boolean

  response, err := client.DataProtectionConfiguration.EntitiesSensitivityLabelCreateV2(
    &data_protection_configuration.EntitiesSensitivityLabelCreateV2Params{
      Body: &models.APISensitivityLabelCreateRequestV2{
        CoAuthoring: &co_authoring,
        DisplayName: &display_name,
        ExternalID: &external_id,
        LabelProvider: &label_provider,
        Name: &name,
        PluginsConfigurationID: &plugins_configuration_id,
        Synced: &synced,
      },
      Context: context.Background(),
    },
  )
  if err != nil {
    panic(falcon.ErrorExplain(err))
  }

  fmt.Printf("%+v\n", response.Payload)
}

import { FalconClient } from "crowdstrike-falcon";

const client = new FalconClient({
  cloud: process.env.FALCON_CLOUD!,
  clientId: process.env.FALCON_CLIENT_ID!,
  clientSecret: process.env.FALCON_CLIENT_SECRET!,
});

const response = await client.dataProtectionConfiguration.entitiesSensitivityLabelCreateV2(
  {
    coAuthoring: boolean,
    displayName: "string",
    externalId: "string",
    labelProvider: "string",
    name: "string",
    pluginsConfigurationId: "string",
    synced: boolean
}  // body
);

console.log(response);

require "crimson-falcon"

Falcon.configure do |config|
  config.client_id = ENV["FALCON_CLIENT_ID"]
  config.client_secret = ENV["FALCON_CLIENT_SECRET"]
  config.cloud = ENV["FALCON_CLOUD"]
end

api = Falcon::DataProtectionConfiguration.new

body = Falcon::ApiSensitivityLabelCreateRequestV2.new(
  co_authoring: boolean,
  display_name: 'string',
  external_id: 'string',
  label_provider: 'string',
  name: 'string',
  plugins_configuration_id: 'string',
  synced: boolean
)

response = api.entities_sensitivity_label_create_v2(body)

puts response

entities_sensitivity_label_delete_v2

Delete sensitivity labels matching the IDs (V2).

DELETE /data-protection/entities/labels/v2

Scope Data Protection: WRITE Consumes · Produces application/json

PEP 8 delete_sensitivity_label

Parameters

Name	Type	Data type	Description
ids	query	list of strings	The sensitivity label entity id(s) to delete.
parameters	query	dictionary	Full query string parameters payload in JSON format.

Code Examples

from falconpy import DataProtectionConfiguration

falcon = DataProtectionConfiguration(client_id=CLIENT_ID,
                                     client_secret=CLIENT_SECRET
                                     )

id_list = 'ID1,ID2,ID3'  # Can also pass a list here: ['ID1', 'ID2', 'ID3']

response = falcon.delete_sensitivity_label(ids=id_list)
print(response)

from falconpy import DataProtectionConfiguration

falcon = DataProtectionConfiguration(client_id=CLIENT_ID,
                                     client_secret=CLIENT_SECRET
                                     )

id_list = 'ID1,ID2,ID3'  # Can also pass a list here: ['ID1', 'ID2', 'ID3']

response = falcon.entities_sensitivity_label_delete_v2(ids=id_list)
print(response)

from falconpy import APIHarnessV2

falcon = APIHarnessV2(client_id=CLIENT_ID,
                      client_secret=CLIENT_SECRET
                      )

id_list = 'ID1,ID2,ID3'  # Can also pass a list here: ['ID1', 'ID2', 'ID3']

response = falcon.command("entities_sensitivity_label_delete_v2",
                          ids=id_list)
print(response)

package main

import (
  "context"
  "fmt"
  "os"

  "github.com/crowdstrike/gofalcon/falcon"
  "github.com/crowdstrike/gofalcon/falcon/client/data_protection_configuration"
)

func main() {
  client, err := falcon.NewClient(&falcon.ApiConfig{
    ClientId:     os.Getenv("FALCON_CLIENT_ID"),
    ClientSecret: os.Getenv("FALCON_CLIENT_SECRET"),
    Context:      context.Background(),
  })
  if err != nil {
    panic(err)
  }

  response, err := client.DataProtectionConfiguration.EntitiesSensitivityLabelDeleteV2(
    &data_protection_configuration.EntitiesSensitivityLabelDeleteV2Params{
      Ids: []string{"ID1", "ID2", "ID3"},
      Context: context.Background(),
    },
  )
  if err != nil {
    panic(falcon.ErrorExplain(err))
  }

  fmt.Printf("%+v\n", response.Payload)
}

import { FalconClient } from "crowdstrike-falcon";

const client = new FalconClient({
  cloud: process.env.FALCON_CLOUD!,
  clientId: process.env.FALCON_CLIENT_ID!,
  clientSecret: process.env.FALCON_CLIENT_SECRET!,
});

const response = await client.dataProtectionConfiguration.entitiesSensitivityLabelDeleteV2(["ID1", "ID2", "ID3"]);  // ids

console.log(response);

require "crimson-falcon"

Falcon.configure do |config|
  config.client_id = ENV["FALCON_CLIENT_ID"]
  config.client_secret = ENV["FALCON_CLIENT_SECRET"]
  config.cloud = ENV["FALCON_CLOUD"]
end

api = Falcon::DataProtectionConfiguration.new

response = api.entities_sensitivity_label_delete_v2(['ID1', 'ID2', 'ID3'])

puts response

entities_local_application_group_get

Get particular local application groups.

GET /data-protection/entities/local-application-groups/v1

Scope Data Protection: READ Consumes · Produces application/json

PEP 8 get_local_application_group

Parameters

Name	Type	Data type	Description
ids	query	list of strings	The local application group id(s) to get.
parameters	query	dictionary	Full query string parameters payload in JSON format.

Code Examples

from falconpy import DataProtectionConfiguration

falcon = DataProtectionConfiguration(client_id=CLIENT_ID,
                                     client_secret=CLIENT_SECRET
                                     )

id_list = 'ID1,ID2,ID3'  # Can also pass a list here: ['ID1', 'ID2', 'ID3']

response = falcon.get_local_application_group(ids=id_list)
print(response)

from falconpy import DataProtectionConfiguration

falcon = DataProtectionConfiguration(client_id=CLIENT_ID,
                                     client_secret=CLIENT_SECRET
                                     )

id_list = 'ID1,ID2,ID3'  # Can also pass a list here: ['ID1', 'ID2', 'ID3']

response = falcon.entities_local_application_group_get(ids=id_list)
print(response)

from falconpy import APIHarnessV2

falcon = APIHarnessV2(client_id=CLIENT_ID,
                      client_secret=CLIENT_SECRET
                      )

id_list = 'ID1,ID2,ID3'  # Can also pass a list here: ['ID1', 'ID2', 'ID3']

response = falcon.command("entities_local_application_group_get",
                          ids=id_list)
print(response)

package main

import (
  "context"
  "fmt"
  "os"

  "github.com/crowdstrike/gofalcon/falcon"
  "github.com/crowdstrike/gofalcon/falcon/client/data_protection_configuration"
)

func main() {
  client, err := falcon.NewClient(&falcon.ApiConfig{
    ClientId:     os.Getenv("FALCON_CLIENT_ID"),
    ClientSecret: os.Getenv("FALCON_CLIENT_SECRET"),
    Context:      context.Background(),
  })
  if err != nil {
    panic(err)
  }

  response, err := client.DataProtectionConfiguration.EntitiesLocalApplicationGroupGet(
    &data_protection_configuration.EntitiesLocalApplicationGroupGetParams{
      Ids: []string{"ID1", "ID2", "ID3"},
      Context: context.Background(),
    },
  )
  if err != nil {
    panic(falcon.ErrorExplain(err))
  }

  fmt.Printf("%+v\n", response.Payload)
}

import { FalconClient } from "crowdstrike-falcon";

const client = new FalconClient({
  cloud: process.env.FALCON_CLOUD!,
  clientId: process.env.FALCON_CLIENT_ID!,
  clientSecret: process.env.FALCON_CLIENT_SECRET!,
});

const response = await client.dataProtectionConfiguration.entitiesLocalApplicationGroupGet(["ID1", "ID2", "ID3"]);  // ids

console.log(response);

require "crimson-falcon"

Falcon.configure do |config|
  config.client_id = ENV["FALCON_CLIENT_ID"]
  config.client_secret = ENV["FALCON_CLIENT_SECRET"]
  config.cloud = ENV["FALCON_CLOUD"]
end

api = Falcon::DataProtectionConfiguration.new

response = api.entities_local_application_group_get(['ID1', 'ID2', 'ID3'])

puts response

entities_local_application_group_create

Persist the given local application group for the provided entity instance.

POST /data-protection/entities/local-application-groups/v1

Scope Data Protection: WRITE Consumes · Produces application/json

PEP 8 create_local_application_group

Parameters

Name	Type	Data type	Description
body	body	dictionary	Full body payload in JSON format.
description	body	string	The description of the local application group.
local_application_ids	body	list of strings	List of local application IDs to include in the group.
name	body	string	The name of the local application group.

Code Examples

from falconpy import DataProtectionConfiguration

falcon = DataProtectionConfiguration(client_id=CLIENT_ID,
                                     client_secret=CLIENT_SECRET
                                     )

id_list = 'ID1,ID2,ID3'  # Can also pass a list here: ['ID1', 'ID2', 'ID3']

response = falcon.create_local_application_group(description="string",
                                                 local_application_ids=id_list,
                                                 name="string")
print(response)

from falconpy import DataProtectionConfiguration

falcon = DataProtectionConfiguration(client_id=CLIENT_ID,
                                     client_secret=CLIENT_SECRET
                                     )

id_list = 'ID1,ID2,ID3'  # Can also pass a list here: ['ID1', 'ID2', 'ID3']

response = falcon.entities_local_application_group_create(description="string",
                                                          local_application_ids=id_list,
                                                          name="string")
print(response)

from falconpy import APIHarnessV2

falcon = APIHarnessV2(client_id=CLIENT_ID,
                      client_secret=CLIENT_SECRET
                      )

id_list = 'ID1,ID2,ID3'  # Can also pass a list here: ['ID1', 'ID2', 'ID3']

body_payload = {
    "description": "string",
    "local_application_ids": ["string"],
    "name": "string"
}

response = falcon.command("entities_local_application_group_create", body=body_payload)
print(response)

package main

import (
  "context"
  "fmt"
  "os"

  "github.com/crowdstrike/gofalcon/falcon"
  "github.com/crowdstrike/gofalcon/falcon/client/data_protection_configuration"
  "github.com/crowdstrike/gofalcon/falcon/models"
)

func main() {
  client, err := falcon.NewClient(&falcon.ApiConfig{
    ClientId:     os.Getenv("FALCON_CLIENT_ID"),
    ClientSecret: os.Getenv("FALCON_CLIENT_SECRET"),
    Context:      context.Background(),
  })
  if err != nil {
    panic(err)
  }

  description := "string"
  name := "string"

  response, err := client.DataProtectionConfiguration.EntitiesLocalApplicationGroupCreate(
    &data_protection_configuration.EntitiesLocalApplicationGroupCreateParams{
      Body: &models.APILocalApplicationGroupCreateRequestV1{
        Description: &description,
        LocalApplicationIds: []string{"string"},
        Name: &name,
      },
      Context: context.Background(),
    },
  )
  if err != nil {
    panic(falcon.ErrorExplain(err))
  }

  fmt.Printf("%+v\n", response.Payload)
}

import { FalconClient } from "crowdstrike-falcon";

const client = new FalconClient({
  cloud: process.env.FALCON_CLOUD!,
  clientId: process.env.FALCON_CLIENT_ID!,
  clientSecret: process.env.FALCON_CLIENT_SECRET!,
});

const response = await client.dataProtectionConfiguration.entitiesLocalApplicationGroupCreate(
  {
    description: "string",
    localApplicationIds: [],
    name: "string"
}  // body
);

console.log(response);

require "crimson-falcon"

Falcon.configure do |config|
  config.client_id = ENV["FALCON_CLIENT_ID"]
  config.client_secret = ENV["FALCON_CLIENT_SECRET"]
  config.cloud = ENV["FALCON_CLOUD"]
end

api = Falcon::DataProtectionConfiguration.new

body = Falcon::ApiLocalApplicationGroupCreateRequestV1.new(
  description: 'string',
  local_application_ids: [],
  name: 'string'
)

response = api.entities_local_application_group_create(body)

puts response

entities_local_application_group_patch

Update a local application group.

PATCH /data-protection/entities/local-application-groups/v1

Scope Data Protection: WRITE Consumes · Produces application/json

PEP 8 update_local_application_group

Parameters

Name	Type	Data type	Description
id	query	string	The local app id to update.
body	body	dictionary	Full body payload in JSON format.
description	body	string	The description of the local application group.
local_application_ids	body	list of strings	List of local application IDs to include in the group.
name	body	string	The name of the local application group.
parameters	query	dictionary	Full query string parameters payload in JSON format.

Code Examples

from falconpy import DataProtectionConfiguration

falcon = DataProtectionConfiguration(client_id=CLIENT_ID,
                                     client_secret=CLIENT_SECRET
                                     )

id_list = 'ID1,ID2,ID3'  # Can also pass a list here: ['ID1', 'ID2', 'ID3']

response = falcon.update_local_application_group(id="string",
                                                 description="string",
                                                 local_application_ids=id_list,
                                                 name="string")
print(response)

from falconpy import DataProtectionConfiguration

falcon = DataProtectionConfiguration(client_id=CLIENT_ID,
                                     client_secret=CLIENT_SECRET
                                     )

id_list = 'ID1,ID2,ID3'  # Can also pass a list here: ['ID1', 'ID2', 'ID3']

response = falcon.entities_local_application_group_patch(id="string",
                                                         description="string",
                                                         local_application_ids=id_list,
                                                         name="string")
print(response)

from falconpy import APIHarnessV2

falcon = APIHarnessV2(client_id=CLIENT_ID,
                      client_secret=CLIENT_SECRET
                      )

id_list = 'ID1,ID2,ID3'  # Can also pass a list here: ['ID1', 'ID2', 'ID3']

body_payload = {
    "description": "string",
    "local_application_ids": ["string"],
    "name": "string"
}

response = falcon.command("entities_local_application_group_patch",
                          id="string",
                          body=body_payload)
print(response)

package main

import (
  "context"
  "fmt"
  "os"

  "github.com/crowdstrike/gofalcon/falcon"
  "github.com/crowdstrike/gofalcon/falcon/client/data_protection_configuration"
  "github.com/crowdstrike/gofalcon/falcon/models"
)

func main() {
  client, err := falcon.NewClient(&falcon.ApiConfig{
    ClientId:     os.Getenv("FALCON_CLIENT_ID"),
    ClientSecret: os.Getenv("FALCON_CLIENT_SECRET"),
    Context:      context.Background(),
  })
  if err != nil {
    panic(err)
  }

  description := "string"
  name := "string"

  response, err := client.DataProtectionConfiguration.EntitiesLocalApplicationGroupPatch(
    &data_protection_configuration.EntitiesLocalApplicationGroupPatchParams{
      Body: &models.APILocalApplicationGroupUpdateRequestV1{
        Description: &description,
        LocalApplicationIds: []string{"string"},
        Name: &name,
      },
      ID: "string",
      Context: context.Background(),
    },
  )
  if err != nil {
    panic(falcon.ErrorExplain(err))
  }

  fmt.Printf("%+v\n", response.Payload)
}

import { FalconClient } from "crowdstrike-falcon";

const client = new FalconClient({
  cloud: process.env.FALCON_CLOUD!,
  clientId: process.env.FALCON_CLIENT_ID!,
  clientSecret: process.env.FALCON_CLIENT_SECRET!,
});

const response = await client.dataProtectionConfiguration.entitiesLocalApplicationGroupPatch(
  "string",  // id
  {  // body
      description: "string",
      localApplicationIds: [],
      name: "string"
  }
);

console.log(response);

require "crimson-falcon"

Falcon.configure do |config|
  config.client_id = ENV["FALCON_CLIENT_ID"]
  config.client_secret = ENV["FALCON_CLIENT_SECRET"]
  config.cloud = ENV["FALCON_CLOUD"]
end

api = Falcon::DataProtectionConfiguration.new

body = Falcon::ApiLocalApplicationGroupUpdateRequestV1.new(
  description: 'string',
  local_application_ids: [],
  name: 'string'
)

response = api.entities_local_application_group_patch(body, 'string')

puts response

entities_local_application_group_delete

Soft Delete local application. The application won’t be visible anymore, but will still be in the database.

DELETE /data-protection/entities/local-application-groups/v1

Scope Data Protection: WRITE Consumes · Produces application/json

PEP 8 delete_local_application_group

Parameters

Name	Type	Data type	Description
ids	query	list of strings	The id of the local application group to delete.
parameters	query	dictionary	Full query string parameters payload in JSON format.

Code Examples

from falconpy import DataProtectionConfiguration

falcon = DataProtectionConfiguration(client_id=CLIENT_ID,
                                     client_secret=CLIENT_SECRET
                                     )

id_list = 'ID1,ID2,ID3'  # Can also pass a list here: ['ID1', 'ID2', 'ID3']

response = falcon.delete_local_application_group(ids=id_list)
print(response)

from falconpy import DataProtectionConfiguration

falcon = DataProtectionConfiguration(client_id=CLIENT_ID,
                                     client_secret=CLIENT_SECRET
                                     )

id_list = 'ID1,ID2,ID3'  # Can also pass a list here: ['ID1', 'ID2', 'ID3']

response = falcon.entities_local_application_group_delete(ids=id_list)
print(response)

from falconpy import APIHarnessV2

falcon = APIHarnessV2(client_id=CLIENT_ID,
                      client_secret=CLIENT_SECRET
                      )

id_list = 'ID1,ID2,ID3'  # Can also pass a list here: ['ID1', 'ID2', 'ID3']

response = falcon.command("entities_local_application_group_delete",
                          ids=id_list)
print(response)

package main

import (
  "context"
  "fmt"
  "os"

  "github.com/crowdstrike/gofalcon/falcon"
  "github.com/crowdstrike/gofalcon/falcon/client/data_protection_configuration"
)

func main() {
  client, err := falcon.NewClient(&falcon.ApiConfig{
    ClientId:     os.Getenv("FALCON_CLIENT_ID"),
    ClientSecret: os.Getenv("FALCON_CLIENT_SECRET"),
    Context:      context.Background(),
  })
  if err != nil {
    panic(err)
  }

  response, err := client.DataProtectionConfiguration.EntitiesLocalApplicationGroupDelete(
    &data_protection_configuration.EntitiesLocalApplicationGroupDeleteParams{
      Ids: []string{"ID1", "ID2", "ID3"},
      Context: context.Background(),
    },
  )
  if err != nil {
    panic(falcon.ErrorExplain(err))
  }

  fmt.Printf("%+v\n", response.Payload)
}

import { FalconClient } from "crowdstrike-falcon";

const client = new FalconClient({
  cloud: process.env.FALCON_CLOUD!,
  clientId: process.env.FALCON_CLIENT_ID!,
  clientSecret: process.env.FALCON_CLIENT_SECRET!,
});

const response = await client.dataProtectionConfiguration.entitiesLocalApplicationGroupDelete(["ID1", "ID2", "ID3"]);  // ids

console.log(response);

require "crimson-falcon"

Falcon.configure do |config|
  config.client_id = ENV["FALCON_CLIENT_ID"]
  config.client_secret = ENV["FALCON_CLIENT_SECRET"]
  config.cloud = ENV["FALCON_CLOUD"]
end

api = Falcon::DataProtectionConfiguration.new

response = api.entities_local_application_group_delete(['ID1', 'ID2', 'ID3'])

puts response

entities_local_application_get

Get a particular local application.

GET /data-protection/entities/local-applications/v1

Scope Data Protection: READ Consumes · Produces application/json

PEP 8 get_local_application

Parameters

Name	Type	Data type	Description
ids	query	list of strings	The local application id(s) to get.
parameters	query	dictionary	Full query string parameters payload in JSON format.

Code Examples

from falconpy import DataProtectionConfiguration

falcon = DataProtectionConfiguration(client_id=CLIENT_ID,
                                     client_secret=CLIENT_SECRET
                                     )

id_list = 'ID1,ID2,ID3'  # Can also pass a list here: ['ID1', 'ID2', 'ID3']

response = falcon.get_local_application(ids=id_list)
print(response)

from falconpy import DataProtectionConfiguration

falcon = DataProtectionConfiguration(client_id=CLIENT_ID,
                                     client_secret=CLIENT_SECRET
                                     )

id_list = 'ID1,ID2,ID3'  # Can also pass a list here: ['ID1', 'ID2', 'ID3']

response = falcon.entities_local_application_get(ids=id_list)
print(response)

from falconpy import APIHarnessV2

falcon = APIHarnessV2(client_id=CLIENT_ID,
                      client_secret=CLIENT_SECRET
                      )

id_list = 'ID1,ID2,ID3'  # Can also pass a list here: ['ID1', 'ID2', 'ID3']

response = falcon.command("entities_local_application_get",
                          ids=id_list)
print(response)

package main

import (
  "context"
  "fmt"
  "os"

  "github.com/crowdstrike/gofalcon/falcon"
  "github.com/crowdstrike/gofalcon/falcon/client/data_protection_configuration"
)

func main() {
  client, err := falcon.NewClient(&falcon.ApiConfig{
    ClientId:     os.Getenv("FALCON_CLIENT_ID"),
    ClientSecret: os.Getenv("FALCON_CLIENT_SECRET"),
    Context:      context.Background(),
  })
  if err != nil {
    panic(err)
  }

  response, err := client.DataProtectionConfiguration.EntitiesLocalApplicationGet(
    &data_protection_configuration.EntitiesLocalApplicationGetParams{
      Ids: []string{"ID1", "ID2", "ID3"},
      Context: context.Background(),
    },
  )
  if err != nil {
    panic(falcon.ErrorExplain(err))
  }

  fmt.Printf("%+v\n", response.Payload)
}

import { FalconClient } from "crowdstrike-falcon";

const client = new FalconClient({
  cloud: process.env.FALCON_CLOUD!,
  clientId: process.env.FALCON_CLIENT_ID!,
  clientSecret: process.env.FALCON_CLIENT_SECRET!,
});

const response = await client.dataProtectionConfiguration.entitiesLocalApplicationGet(["ID1", "ID2", "ID3"]);  // ids

console.log(response);

require "crimson-falcon"

Falcon.configure do |config|
  config.client_id = ENV["FALCON_CLIENT_ID"]
  config.client_secret = ENV["FALCON_CLIENT_SECRET"]
  config.cloud = ENV["FALCON_CLOUD"]
end

api = Falcon::DataProtectionConfiguration.new

response = api.entities_local_application_get(['ID1', 'ID2', 'ID3'])

puts response

entities_local_application_create

Persist the given local application for the provided entity instance.

POST /data-protection/entities/local-applications/v1

Scope Data Protection: WRITE Consumes · Produces application/json

PEP 8 create_local_application

Parameters

Name	Type	Data type	Description
body	body	dictionary	Full body payload in JSON format.
apply_rules_for_children_processes	body	boolean	Whether to apply rules for children processes of this application.
executable_name	body	string	The executable name of the local application.
group_ids	body	list of strings	List of group IDs to associate with this local application.
name	body	string	The name of the local application.

Code Examples

from falconpy import DataProtectionConfiguration

falcon = DataProtectionConfiguration(client_id=CLIENT_ID,
                                     client_secret=CLIENT_SECRET
                                     )

id_list = 'ID1,ID2,ID3'  # Can also pass a list here: ['ID1', 'ID2', 'ID3']

response = falcon.create_local_application(apply_rules_for_children_processes="string",
                                           executable_name="string",
                                           group_ids=id_list,
                                           name="string")
print(response)

from falconpy import DataProtectionConfiguration

falcon = DataProtectionConfiguration(client_id=CLIENT_ID,
                                     client_secret=CLIENT_SECRET
                                     )

id_list = 'ID1,ID2,ID3'  # Can also pass a list here: ['ID1', 'ID2', 'ID3']

response = falcon.entities_local_application_create(apply_rules_for_children_processes="string",
                                                    executable_name="string",
                                                    group_ids=id_list,
                                                    name="string")
print(response)

from falconpy import APIHarnessV2

falcon = APIHarnessV2(client_id=CLIENT_ID,
                      client_secret=CLIENT_SECRET
                      )

id_list = 'ID1,ID2,ID3'  # Can also pass a list here: ['ID1', 'ID2', 'ID3']

body_payload = {
    "apply_rules_for_children_processes": boolean,
    "emit_rule_matched_events_only": boolean,
    "enable_rename_detection": boolean,
    "executable_name": "string",
    "group_ids": ["string"],
    "name": "string"
}

response = falcon.command("entities_local_application_create", body=body_payload)
print(response)

package main

import (
  "context"
  "fmt"
  "os"

  "github.com/crowdstrike/gofalcon/falcon"
  "github.com/crowdstrike/gofalcon/falcon/client/data_protection_configuration"
  "github.com/crowdstrike/gofalcon/falcon/models"
)

func main() {
  client, err := falcon.NewClient(&falcon.ApiConfig{
    ClientId:     os.Getenv("FALCON_CLIENT_ID"),
    ClientSecret: os.Getenv("FALCON_CLIENT_SECRET"),
    Context:      context.Background(),
  })
  if err != nil {
    panic(err)
  }

  apply_rules_for_children_processes := boolean
  emit_rule_matched_events_only := boolean
  enable_rename_detection := boolean
  executable_name := "string"
  name := "string"

  response, err := client.DataProtectionConfiguration.EntitiesLocalApplicationCreate(
    &data_protection_configuration.EntitiesLocalApplicationCreateParams{
      Body: &models.APILocalApplicationCreateRequestV1{
        ApplyRulesForChildrenProcesses: &apply_rules_for_children_processes,
        EmitRuleMatchedEventsOnly: &emit_rule_matched_events_only,
        EnableRenameDetection: &enable_rename_detection,
        ExecutableName: &executable_name,
        GroupIds: []string{"string"},
        Name: &name,
      },
      Context: context.Background(),
    },
  )
  if err != nil {
    panic(falcon.ErrorExplain(err))
  }

  fmt.Printf("%+v\n", response.Payload)
}

import { FalconClient } from "crowdstrike-falcon";

const client = new FalconClient({
  cloud: process.env.FALCON_CLOUD!,
  clientId: process.env.FALCON_CLIENT_ID!,
  clientSecret: process.env.FALCON_CLIENT_SECRET!,
});

const response = await client.dataProtectionConfiguration.entitiesLocalApplicationCreate(
  {
    applyRulesForChildrenProcesses: boolean,
    emitRuleMatchedEventsOnly: boolean,
    enableRenameDetection: boolean,
    executableName: "string",
    groupIds: [],
    name: "string"
}  // body
);

console.log(response);

require "crimson-falcon"

Falcon.configure do |config|
  config.client_id = ENV["FALCON_CLIENT_ID"]
  config.client_secret = ENV["FALCON_CLIENT_SECRET"]
  config.cloud = ENV["FALCON_CLOUD"]
end

api = Falcon::DataProtectionConfiguration.new

body = Falcon::ApiLocalApplicationCreateRequestV1.new(
  apply_rules_for_children_processes: boolean,
  emit_rule_matched_events_only: boolean,
  enable_rename_detection: boolean,
  executable_name: 'string',
  group_ids: [],
  name: 'string'
)

response = api.entities_local_application_create(body)

puts response

entities_local_application_patch

Update a local application.

PATCH /data-protection/entities/local-applications/v1

Scope Data Protection: WRITE Consumes · Produces application/json

PEP 8 update_local_application

Parameters

Name	Type	Data type	Description
id	query	string	The local app id to update.
body	body	dictionary	Full body payload in JSON format.
apply_rules_for_children_processes	body	boolean	Whether to apply rules for children processes of this application.
executable_name	body	string	The executable name of the local application.
group_ids	body	list of strings	List of group IDs to associate with this local application.
name	body	string	The name of the local application.
parameters	query	dictionary	Full query string parameters payload in JSON format.

Code Examples

from falconpy import DataProtectionConfiguration

falcon = DataProtectionConfiguration(client_id=CLIENT_ID,
                                     client_secret=CLIENT_SECRET
                                     )

id_list = 'ID1,ID2,ID3'  # Can also pass a list here: ['ID1', 'ID2', 'ID3']

response = falcon.update_local_application(id="string",
                                           apply_rules_for_children_processes="string",
                                           executable_name="string",
                                           group_ids=id_list,
                                           name="string")
print(response)

from falconpy import DataProtectionConfiguration

falcon = DataProtectionConfiguration(client_id=CLIENT_ID,
                                     client_secret=CLIENT_SECRET
                                     )

id_list = 'ID1,ID2,ID3'  # Can also pass a list here: ['ID1', 'ID2', 'ID3']

response = falcon.entities_local_application_patch(id="string",
                                                   apply_rules_for_children_processes="string",
                                                   executable_name="string",
                                                   group_ids=id_list,
                                                   name="string")
print(response)

from falconpy import APIHarnessV2

falcon = APIHarnessV2(client_id=CLIENT_ID,
                      client_secret=CLIENT_SECRET
                      )

id_list = 'ID1,ID2,ID3'  # Can also pass a list here: ['ID1', 'ID2', 'ID3']

body_payload = {
    "apply_rules_for_children_processes": boolean,
    "emit_rule_matched_events_only": boolean,
    "enable_rename_detection": boolean,
    "executable_name": "string",
    "group_ids": ["string"],
    "name": "string"
}

response = falcon.command("entities_local_application_patch",
                          id="string",
                          body=body_payload)
print(response)

package main

import (
  "context"
  "fmt"
  "os"

  "github.com/crowdstrike/gofalcon/falcon"
  "github.com/crowdstrike/gofalcon/falcon/client/data_protection_configuration"
  "github.com/crowdstrike/gofalcon/falcon/models"
)

func main() {
  client, err := falcon.NewClient(&falcon.ApiConfig{
    ClientId:     os.Getenv("FALCON_CLIENT_ID"),
    ClientSecret: os.Getenv("FALCON_CLIENT_SECRET"),
    Context:      context.Background(),
  })
  if err != nil {
    panic(err)
  }

  apply_rules_for_children_processes := boolean
  emit_rule_matched_events_only := boolean
  enable_rename_detection := boolean
  executable_name := "string"
  name := "string"

  response, err := client.DataProtectionConfiguration.EntitiesLocalApplicationPatch(
    &data_protection_configuration.EntitiesLocalApplicationPatchParams{
      Body: &models.APILocalApplicationUpdateRequestV1{
        ApplyRulesForChildrenProcesses: &apply_rules_for_children_processes,
        EmitRuleMatchedEventsOnly: &emit_rule_matched_events_only,
        EnableRenameDetection: &enable_rename_detection,
        ExecutableName: &executable_name,
        GroupIds: []string{"string"},
        Name: &name,
      },
      ID: "string",
      Context: context.Background(),
    },
  )
  if err != nil {
    panic(falcon.ErrorExplain(err))
  }

  fmt.Printf("%+v\n", response.Payload)
}

import { FalconClient } from "crowdstrike-falcon";

const client = new FalconClient({
  cloud: process.env.FALCON_CLOUD!,
  clientId: process.env.FALCON_CLIENT_ID!,
  clientSecret: process.env.FALCON_CLIENT_SECRET!,
});

const response = await client.dataProtectionConfiguration.entitiesLocalApplicationPatch(
  "string",  // id
  {  // body
      applyRulesForChildrenProcesses: boolean,
      emitRuleMatchedEventsOnly: boolean,
      enableRenameDetection: boolean,
      executableName: "string",
      groupIds: [],
      name: "string"
  }
);

console.log(response);

require "crimson-falcon"

Falcon.configure do |config|
  config.client_id = ENV["FALCON_CLIENT_ID"]
  config.client_secret = ENV["FALCON_CLIENT_SECRET"]
  config.cloud = ENV["FALCON_CLOUD"]
end

api = Falcon::DataProtectionConfiguration.new

body = Falcon::ApiLocalApplicationUpdateRequestV1.new(
  apply_rules_for_children_processes: boolean,
  emit_rule_matched_events_only: boolean,
  enable_rename_detection: boolean,
  executable_name: 'string',
  group_ids: [],
  name: 'string'
)

response = api.entities_local_application_patch(body, 'string')

puts response

entities_local_application_delete

Soft Delete local application. The application wont be visible anymore, but will still be in the database.

DELETE /data-protection/entities/local-applications/v1

Scope Data Protection: WRITE Consumes · Produces application/json

PEP 8 delete_local_application

Parameters

Name	Type	Data type	Description
ids	query	list of strings	The id of the local application to delete.
parameters	query	dictionary	Full query string parameters payload in JSON format.

Code Examples

from falconpy import DataProtectionConfiguration

falcon = DataProtectionConfiguration(client_id=CLIENT_ID,
                                     client_secret=CLIENT_SECRET
                                     )

id_list = 'ID1,ID2,ID3'  # Can also pass a list here: ['ID1', 'ID2', 'ID3']

response = falcon.delete_local_application(ids=id_list)
print(response)

from falconpy import DataProtectionConfiguration

falcon = DataProtectionConfiguration(client_id=CLIENT_ID,
                                     client_secret=CLIENT_SECRET
                                     )

id_list = 'ID1,ID2,ID3'  # Can also pass a list here: ['ID1', 'ID2', 'ID3']

response = falcon.entities_local_application_delete(ids=id_list)
print(response)

from falconpy import APIHarnessV2

falcon = APIHarnessV2(client_id=CLIENT_ID,
                      client_secret=CLIENT_SECRET
                      )

id_list = 'ID1,ID2,ID3'  # Can also pass a list here: ['ID1', 'ID2', 'ID3']

response = falcon.command("entities_local_application_delete",
                          ids=id_list)
print(response)

package main

import (
  "context"
  "fmt"
  "os"

  "github.com/crowdstrike/gofalcon/falcon"
  "github.com/crowdstrike/gofalcon/falcon/client/data_protection_configuration"
)

func main() {
  client, err := falcon.NewClient(&falcon.ApiConfig{
    ClientId:     os.Getenv("FALCON_CLIENT_ID"),
    ClientSecret: os.Getenv("FALCON_CLIENT_SECRET"),
    Context:      context.Background(),
  })
  if err != nil {
    panic(err)
  }

  response, err := client.DataProtectionConfiguration.EntitiesLocalApplicationDelete(
    &data_protection_configuration.EntitiesLocalApplicationDeleteParams{
      Ids: []string{"ID1", "ID2", "ID3"},
      Context: context.Background(),
    },
  )
  if err != nil {
    panic(falcon.ErrorExplain(err))
  }

  fmt.Printf("%+v\n", response.Payload)
}

import { FalconClient } from "crowdstrike-falcon";

const client = new FalconClient({
  cloud: process.env.FALCON_CLOUD!,
  clientId: process.env.FALCON_CLIENT_ID!,
  clientSecret: process.env.FALCON_CLIENT_SECRET!,
});

const response = await client.dataProtectionConfiguration.entitiesLocalApplicationDelete(["ID1", "ID2", "ID3"]);  // ids

console.log(response);

require "crimson-falcon"

Falcon.configure do |config|
  config.client_id = ENV["FALCON_CLIENT_ID"]
  config.client_secret = ENV["FALCON_CLIENT_SECRET"]
  config.cloud = ENV["FALCON_CLOUD"]
end

api = Falcon::DataProtectionConfiguration.new

response = api.entities_local_application_delete(['ID1', 'ID2', 'ID3'])

puts response

entities_policy_get_v2

Get policies that match the provided ids.

GET /data-protection/entities/policies/v2

Scope Data Protection: READ Consumes · Produces application/json

PEP 8 get_policies

Parameters

Name	Type	Data type	Description
ids	query	list of strings	IDs of the policies to get.
parameters	query	dictionary	Full query string parameters payload in JSON format.

Code Examples

from falconpy import DataProtectionConfiguration

falcon = DataProtectionConfiguration(client_id=CLIENT_ID,
                                     client_secret=CLIENT_SECRET
                                     )

id_list = 'ID1,ID2,ID3'  # Can also pass a list here: ['ID1', 'ID2', 'ID3']

response = falcon.get_policies(ids=id_list)
print(response)

from falconpy import DataProtectionConfiguration

falcon = DataProtectionConfiguration(client_id=CLIENT_ID,
                                     client_secret=CLIENT_SECRET
                                     )

id_list = 'ID1,ID2,ID3'  # Can also pass a list here: ['ID1', 'ID2', 'ID3']

response = falcon.entities_policy_get_v2(ids=id_list)
print(response)

from falconpy import APIHarnessV2

falcon = APIHarnessV2(client_id=CLIENT_ID,
                      client_secret=CLIENT_SECRET
                      )

id_list = 'ID1,ID2,ID3'  # Can also pass a list here: ['ID1', 'ID2', 'ID3']

response = falcon.command("entities_policy_get_v2",
                          ids=id_list)
print(response)

package main

import (
  "context"
  "fmt"
  "os"

  "github.com/crowdstrike/gofalcon/falcon"
  "github.com/crowdstrike/gofalcon/falcon/client/data_protection_configuration"
)

func main() {
  client, err := falcon.NewClient(&falcon.ApiConfig{
    ClientId:     os.Getenv("FALCON_CLIENT_ID"),
    ClientSecret: os.Getenv("FALCON_CLIENT_SECRET"),
    Context:      context.Background(),
  })
  if err != nil {
    panic(err)
  }

  response, err := client.DataProtectionConfiguration.EntitiesPolicyGetV2(
    &data_protection_configuration.EntitiesPolicyGetV2Params{
      Ids: []string{"ID1", "ID2", "ID3"},
      Context: context.Background(),
    },
  )
  if err != nil {
    panic(falcon.ErrorExplain(err))
  }

  fmt.Printf("%+v\n", response.Payload)
}

import { FalconClient } from "crowdstrike-falcon";

const client = new FalconClient({
  cloud: process.env.FALCON_CLOUD!,
  clientId: process.env.FALCON_CLIENT_ID!,
  clientSecret: process.env.FALCON_CLIENT_SECRET!,
});

const response = await client.dataProtectionConfiguration.entitiesPolicyGetV2(["ID1", "ID2", "ID3"]);  // ids

console.log(response);

entities_policy_post_v2

Create policies.

POST /data-protection/entities/policies/v2

Scope Data Protection: WRITE Consumes · Produces application/json

PEP 8 create_policy

Parameters

Name	Type	Data type	Description
platform_name	query	string	platform name of the policies to update, either ‘win’ or ‘mac’.
body	body	dictionary	Full body payload in JSON format
description	body	string	The description of the new policy.
name	body	string	The name of the new policy.
policy_properties	body	dictionary	The properties of the new policy.
precedence	body	integer	The order of precedence.
parameters	query	dictionary	Full query string parameters payload in JSON format.

Code Examples

from falconpy import DataProtectionConfiguration

falcon = DataProtectionConfiguration(client_id=CLIENT_ID,
                                     client_secret=CLIENT_SECRET
                                     )

response = falcon.create_policy(platform_name="string",
                                description="string",
                                name="string",
                                policy_properties={},
                                precedence=integer)
print(response)

from falconpy import DataProtectionConfiguration

falcon = DataProtectionConfiguration(client_id=CLIENT_ID,
                                     client_secret=CLIENT_SECRET
                                     )

response = falcon.entities_policy_post_v2(platform_name="string",
                                          description="string",
                                          name="string",
                                          policy_properties={},
                                          precedence=integer)
print(response)

from falconpy import APIHarnessV2

falcon = APIHarnessV2(client_id=CLIENT_ID,
                      client_secret=CLIENT_SECRET
                      )

body_payload = {
    "resources": [
        {
            "description": "string",
            "name": "string",
            "policy_properties": {
                "allow_notifications": "string",
                "be_exclude_domains": "string",
                "be_paste_clipboard_max_size": integer,
                "be_paste_clipboard_max_size_unit": "string",
                "be_paste_clipboard_min_size": integer,
                "be_paste_clipboard_min_size_unit": "string",
                "be_paste_clipboard_over_size_behaviour_block": boolean,
                "be_paste_timeout_duration_milliseconds": integer,
                "be_paste_timeout_response": "string",
                "be_splash_custom_message": "string",
                "be_splash_enabled": boolean,
                "be_splash_message_source": "string",
                "be_upload_timeout_duration_seconds": integer,
                "be_upload_timeout_response": "string",
                "block_all_data_access": boolean,
                "block_notifications": "string",
                "browsers_without_active_extension": "string",
                "classifications": ["string"],
                "custom_allow_notification": "string",
                "custom_block_notification": "string",
                "enable_clipboard_inspection": boolean,
                "enable_content_inspection": boolean,
                "enable_context_inspection": boolean,
                "enable_end_user_notifications_unsupported_browser": boolean,
                "enable_network_inspection": boolean,
                "enable_screen_capture": boolean,
                "euj_dialog_box_logo": "string",
                "euj_dialog_timeout": integer,
                "euj_dropdown_options": {},
                "euj_header_text": {},
                "euj_require_additional_details": boolean,
                "evidence_download_enabled": boolean,
                "evidence_duplication_enabled_default": boolean,
                "evidence_encrypted_enabled": boolean,
                "evidence_storage_free_disk_perc": integer,
                "evidence_storage_max_size": integer,
                "inspection_depth": "string",
                "max_file_size_to_inspect": integer,
                "max_file_size_to_inspect_unit": "string",
                "min_confidence_level": "string",
                "network_inspection_files_exceeding_size_limit": "string",
                "screen_capture_duration_post_event": "string",
                "screen_capture_duration_pre_event": "string",
                "similarity_detection": boolean,
                "similarity_threshold": "string"
            },
            "precedence": integer
        }
    ]
}

response = falcon.command("entities_policy_post_v2",
                          platform_name="string",
                          body=body_payload)
print(response)

package main

import (
  "context"
  "fmt"
  "os"

  "github.com/crowdstrike/gofalcon/falcon"
  "github.com/crowdstrike/gofalcon/falcon/client/data_protection_configuration"
  "github.com/crowdstrike/gofalcon/falcon/models"
)

func main() {
  client, err := falcon.NewClient(&falcon.ApiConfig{
    ClientId:     os.Getenv("FALCON_CLIENT_ID"),
    ClientSecret: os.Getenv("FALCON_CLIENT_SECRET"),
    Context:      context.Background(),
  })
  if err != nil {
    panic(err)
  }

  description := "string"
  name := "string"
  precedence := integer

  response, err := client.DataProtectionConfiguration.EntitiesPolicyPostV2(
    &data_protection_configuration.EntitiesPolicyPostV2Params{
      Body: &models.PolicymanagerCreatePoliciesRequest{
        Resources: []interface{}{
          {
          Description: &description,
          Name: &name,
          PolicyProperties: &struct{}{},
          Precedence: &precedence,
          },
        },
      },
      PlatformName: "string",
      Context: context.Background(),
    },
  )
  if err != nil {
    panic(falcon.ErrorExplain(err))
  }

  fmt.Printf("%+v\n", response.Payload)
}

import { FalconClient } from "crowdstrike-falcon";

const client = new FalconClient({
  cloud: process.env.FALCON_CLOUD!,
  clientId: process.env.FALCON_CLIENT_ID!,
  clientSecret: process.env.FALCON_CLIENT_SECRET!,
});

const response = await client.dataProtectionConfiguration.entitiesPolicyPostV2(
  "string",  // platformName
  {  // body
      resources: [{
          description: "string",
          name: "string",
          policyProperties: {
            allowNotifications: "string",
            beExcludeDomains: "string",
            bePasteClipboardMaxSize: integer,
            bePasteClipboardMaxSizeUnit: "string",
            bePasteClipboardMinSize: integer,
            bePasteClipboardMinSizeUnit: "string",
            bePasteClipboardOverSizeBehaviourBlock: boolean,
            bePasteTimeoutDurationMilliseconds: integer,
            bePasteTimeoutResponse: "string",
            beSplashCustomMessage: "string",
            beSplashEnabled: boolean,
            beSplashMessageSource: "string",
            beUploadTimeoutDurationSeconds: integer,
            beUploadTimeoutResponse: "string",
            blockAllDataAccess: boolean,
            blockNotifications: "string",
            browsersWithoutActiveExtension: "string",
            classifications: [],
            customAllowNotification: "string",
            customBlockNotification: "string",
            enableClipboardInspection: boolean,
            enableContentInspection: boolean,
            enableContextInspection: boolean,
            enableEndUserNotificationsUnsupportedBrowser: boolean,
            enableNetworkInspection: boolean,
            enableScreenCapture: boolean,
            eujDialogBoxLogo: "string",
            eujDialogTimeout: integer,
            eujDropdownOptions: {},
            eujHeaderText: {},
            eujRequireAdditionalDetails: boolean,
            evidenceDownloadEnabled: boolean,
            evidenceDuplicationEnabledDefault: boolean,
            evidenceEncryptedEnabled: boolean,
            evidenceStorageFreeDiskPerc: integer,
            evidenceStorageMaxSize: integer,
            inspectionDepth: "string",
            maxFileSizeToInspect: integer,
            maxFileSizeToInspectUnit: "string",
            minConfidenceLevel: "string",
            networkInspectionFilesExceedingSizeLimit: "string",
            screenCaptureDurationPostEvent: "string",
            screenCaptureDurationPreEvent: "string",
            similarityDetection: boolean,
            similarityThreshold: "string"
          },
          precedence: integer
        }]
  }
);

console.log(response);

entities_policy_patch_v2

Update policies.

PATCH /data-protection/entities/policies/v2

Scope Data Protection: WRITE Consumes · Produces application/json

PEP 8 update_policies

Parameters

Name	Type	Data type	Description
platform_name	query	string	platform name of the policies to update, either ‘win’ or ‘mac’.
body	body	dictionary	Full body payload in JSON format
description	body	string	The description of the policy.
name	body	string	The name of the policy.
policy_properties	body	dictionary	The properties of the policy.
precedence	body	integer	The order of precedence.
parameters	query	dictionary	Full query string parameters payload in JSON format.

Code Examples

from falconpy import DataProtectionConfiguration

falcon = DataProtectionConfiguration(client_id=CLIENT_ID,
                                     client_secret=CLIENT_SECRET
                                     )

response = falcon.update_policies(platform_name="string",
                                  id="string",
                                  is_enabled=boolean,
                                  host_groups=["string"],
                                  description="string",
                                  name="string",
                                  policy_properties={},
                                  precedence=integer)
print(response)

from falconpy import DataProtectionConfiguration

falcon = DataProtectionConfiguration(client_id=CLIENT_ID,
                                     client_secret=CLIENT_SECRET
                                     )

response = falcon.entities_policy_patch_v2(platform_name="string",
                                           id="string",
                                           is_enabled=boolean,
                                           host_groups=["string"],
                                           description="string",
                                           name="string",
                                           policy_properties={},
                                           precedence=integer)
print(response)

from falconpy import APIHarnessV2

falcon = APIHarnessV2(client_id=CLIENT_ID,
                      client_secret=CLIENT_SECRET
                      )

body_payload = {
    "resources": [
        {
            "description": "string",
            "host_groups": ["string"],
            "id": "string",
            "is_enabled": boolean,
            "name": "string",
            "policy_properties": {
                "allow_notifications": "string",
                "be_exclude_domains": "string",
                "be_paste_clipboard_max_size": integer,
                "be_paste_clipboard_max_size_unit": "string",
                "be_paste_clipboard_min_size": integer,
                "be_paste_clipboard_min_size_unit": "string",
                "be_paste_clipboard_over_size_behaviour_block": boolean,
                "be_paste_timeout_duration_milliseconds": integer,
                "be_paste_timeout_response": "string",
                "be_splash_custom_message": "string",
                "be_splash_enabled": boolean,
                "be_splash_message_source": "string",
                "be_upload_timeout_duration_seconds": integer,
                "be_upload_timeout_response": "string",
                "block_all_data_access": boolean,
                "block_notifications": "string",
                "browsers_without_active_extension": "string",
                "classifications": ["string"],
                "custom_allow_notification": "string",
                "custom_block_notification": "string",
                "enable_clipboard_inspection": boolean,
                "enable_content_inspection": boolean,
                "enable_context_inspection": boolean,
                "enable_end_user_notifications_unsupported_browser": boolean,
                "enable_network_inspection": boolean,
                "enable_screen_capture": boolean,
                "euj_dialog_box_logo": "string",
                "euj_dialog_timeout": integer,
                "euj_dropdown_options": {},
                "euj_header_text": {},
                "euj_require_additional_details": boolean,
                "evidence_download_enabled": boolean,
                "evidence_duplication_enabled_default": boolean,
                "evidence_encrypted_enabled": boolean,
                "evidence_storage_free_disk_perc": integer,
                "evidence_storage_max_size": integer,
                "inspection_depth": "string",
                "max_file_size_to_inspect": integer,
                "max_file_size_to_inspect_unit": "string",
                "min_confidence_level": "string",
                "network_inspection_files_exceeding_size_limit": "string",
                "screen_capture_duration_post_event": "string",
                "screen_capture_duration_pre_event": "string",
                "similarity_detection": boolean,
                "similarity_threshold": "string"
            }
        }
    ]
}

response = falcon.command("entities_policy_patch_v2",
                          platform_name="string",
                          body=body_payload)
print(response)

package main

import (
  "context"
  "fmt"
  "os"

  "github.com/crowdstrike/gofalcon/falcon"
  "github.com/crowdstrike/gofalcon/falcon/client/data_protection_configuration"
  "github.com/crowdstrike/gofalcon/falcon/models"
)

func main() {
  client, err := falcon.NewClient(&falcon.ApiConfig{
    ClientId:     os.Getenv("FALCON_CLIENT_ID"),
    ClientSecret: os.Getenv("FALCON_CLIENT_SECRET"),
    Context:      context.Background(),
  })
  if err != nil {
    panic(err)
  }

  description := "string"
  id := "string"
  is_enabled := boolean
  name := "string"

  response, err := client.DataProtectionConfiguration.EntitiesPolicyPatchV2(
    &data_protection_configuration.EntitiesPolicyPatchV2Params{
      Body: &models.PolicymanagerUpdatePoliciesRequest{
        Resources: []interface{}{
          {
          Description: &description,
          HostGroups: []string{"string"},
          ID: &id,
          IsEnabled: &is_enabled,
          Name: &name,
          PolicyProperties: &struct{}{},
          },
        },
      },
      PlatformName: "string",
      Context: context.Background(),
    },
  )
  if err != nil {
    panic(falcon.ErrorExplain(err))
  }

  fmt.Printf("%+v\n", response.Payload)
}

import { FalconClient } from "crowdstrike-falcon";

const client = new FalconClient({
  cloud: process.env.FALCON_CLOUD!,
  clientId: process.env.FALCON_CLIENT_ID!,
  clientSecret: process.env.FALCON_CLIENT_SECRET!,
});

const response = await client.dataProtectionConfiguration.entitiesPolicyPatchV2(
  "string",  // platformName
  {  // body
      resources: [{
          description: "string",
          hostGroups: [],
          id: "string",
          isEnabled: boolean,
          name: "string",
          policyProperties: {
            allowNotifications: "string",
            beExcludeDomains: "string",
            bePasteClipboardMaxSize: integer,
            bePasteClipboardMaxSizeUnit: "string",
            bePasteClipboardMinSize: integer,
            bePasteClipboardMinSizeUnit: "string",
            bePasteClipboardOverSizeBehaviourBlock: boolean,
            bePasteTimeoutDurationMilliseconds: integer,
            bePasteTimeoutResponse: "string",
            beSplashCustomMessage: "string",
            beSplashEnabled: boolean,
            beSplashMessageSource: "string",
            beUploadTimeoutDurationSeconds: integer,
            beUploadTimeoutResponse: "string",
            blockAllDataAccess: boolean,
            blockNotifications: "string",
            browsersWithoutActiveExtension: "string",
            classifications: [],
            customAllowNotification: "string",
            customBlockNotification: "string",
            enableClipboardInspection: boolean,
            enableContentInspection: boolean,
            enableContextInspection: boolean,
            enableEndUserNotificationsUnsupportedBrowser: boolean,
            enableNetworkInspection: boolean,
            enableScreenCapture: boolean,
            eujDialogBoxLogo: "string",
            eujDialogTimeout: integer,
            eujDropdownOptions: {},
            eujHeaderText: {},
            eujRequireAdditionalDetails: boolean,
            evidenceDownloadEnabled: boolean,
            evidenceDuplicationEnabledDefault: boolean,
            evidenceEncryptedEnabled: boolean,
            evidenceStorageFreeDiskPerc: integer,
            evidenceStorageMaxSize: integer,
            inspectionDepth: "string",
            maxFileSizeToInspect: integer,
            maxFileSizeToInspectUnit: "string",
            minConfidenceLevel: "string",
            networkInspectionFilesExceedingSizeLimit: "string",
            screenCaptureDurationPostEvent: "string",
            screenCaptureDurationPreEvent: "string",
            similarityDetection: boolean,
            similarityThreshold: "string"
          }
        }]
  }
);

console.log(response);

entities_policy_delete_v2

Delete policies that match the provided ids.

DELETE /data-protection/entities/policies/v2

Scope Data Protection: WRITE Consumes · Produces application/json

PEP 8 delete_policies

Parameters

Name	Type	Data type	Description
ids	query	list of strings	IDs of the policies to delete.
platform_name	query	string	platform name of the policies to update, either ‘win’ or ‘mac’.
parameters	query	dictionary	Full query string parameters payload in JSON format.

Code Examples

from falconpy import DataProtectionConfiguration

falcon = DataProtectionConfiguration(client_id=CLIENT_ID,
                                     client_secret=CLIENT_SECRET
                                     )

id_list = 'ID1,ID2,ID3'  # Can also pass a list here: ['ID1', 'ID2', 'ID3']

response = falcon.delete_policies(ids=id_list, platform_name="string")
print(response)

from falconpy import DataProtectionConfiguration

falcon = DataProtectionConfiguration(client_id=CLIENT_ID,
                                     client_secret=CLIENT_SECRET
                                     )

id_list = 'ID1,ID2,ID3'  # Can also pass a list here: ['ID1', 'ID2', 'ID3']

response = falcon.entities_policy_delete_v2(ids=id_list, platform_name="string")
print(response)

from falconpy import APIHarnessV2

falcon = APIHarnessV2(client_id=CLIENT_ID,
                      client_secret=CLIENT_SECRET
                      )

id_list = 'ID1,ID2,ID3'  # Can also pass a list here: ['ID1', 'ID2', 'ID3']

response = falcon.command("entities_policy_delete_v2",
                          ids=id_list,
                          platform_name="string")
print(response)

package main

import (
  "context"
  "fmt"
  "os"

  "github.com/crowdstrike/gofalcon/falcon"
  "github.com/crowdstrike/gofalcon/falcon/client/data_protection_configuration"
)

func main() {
  client, err := falcon.NewClient(&falcon.ApiConfig{
    ClientId:     os.Getenv("FALCON_CLIENT_ID"),
    ClientSecret: os.Getenv("FALCON_CLIENT_SECRET"),
    Context:      context.Background(),
  })
  if err != nil {
    panic(err)
  }

  response, err := client.DataProtectionConfiguration.EntitiesPolicyDeleteV2(
    &data_protection_configuration.EntitiesPolicyDeleteV2Params{
      Ids: []string{"ID1", "ID2", "ID3"},
      PlatformName: "string",
      Context: context.Background(),
    },
  )
  if err != nil {
    panic(falcon.ErrorExplain(err))
  }

  fmt.Printf("%+v\n", response.Payload)
}

import { FalconClient } from "crowdstrike-falcon";

const client = new FalconClient({
  cloud: process.env.FALCON_CLOUD!,
  clientId: process.env.FALCON_CLIENT_ID!,
  clientSecret: process.env.FALCON_CLIENT_SECRET!,
});

const response = await client.dataProtectionConfiguration.entitiesPolicyDeleteV2(
  ["ID1", "ID2", "ID3"],  // ids
  "string"  // platformName
);

console.log(response);

entities_web_location_get_v2

Get web-location entities matching the provided ID(s).

GET /data-protection/entities/web-locations/v2

Scope Data Protection: READ Consumes · Produces application/json

PEP 8 get_web_location

Parameters

Name	Type	Data type	Description
ids	query	list of strings	The web-location entity id(s) to get.
parameters	query	dictionary	Full query string parameters payload in JSON format.

Code Examples

from falconpy import DataProtectionConfiguration

falcon = DataProtectionConfiguration(client_id=CLIENT_ID,
                                     client_secret=CLIENT_SECRET
                                     )

id_list = 'ID1,ID2,ID3'  # Can also pass a list here: ['ID1', 'ID2', 'ID3']

response = falcon.get_web_location(ids=id_list)
print(response)

from falconpy import DataProtectionConfiguration

falcon = DataProtectionConfiguration(client_id=CLIENT_ID,
                                     client_secret=CLIENT_SECRET
                                     )

id_list = 'ID1,ID2,ID3'  # Can also pass a list here: ['ID1', 'ID2', 'ID3']

response = falcon.entities_web_location_get_v2(ids=id_list)
print(response)

from falconpy import APIHarnessV2

falcon = APIHarnessV2(client_id=CLIENT_ID,
                      client_secret=CLIENT_SECRET
                      )

id_list = 'ID1,ID2,ID3'  # Can also pass a list here: ['ID1', 'ID2', 'ID3']

response = falcon.command("entities_web_location_get_v2",
                          ids=id_list)
print(response)

package main

import (
  "context"
  "fmt"
  "os"

  "github.com/crowdstrike/gofalcon/falcon"
  "github.com/crowdstrike/gofalcon/falcon/client/data_protection_configuration"
)

func main() {
  client, err := falcon.NewClient(&falcon.ApiConfig{
    ClientId:     os.Getenv("FALCON_CLIENT_ID"),
    ClientSecret: os.Getenv("FALCON_CLIENT_SECRET"),
    Context:      context.Background(),
  })
  if err != nil {
    panic(err)
  }

  response, err := client.DataProtectionConfiguration.EntitiesWebLocationGetV2(
    &data_protection_configuration.EntitiesWebLocationGetV2Params{
      Ids: []string{"ID1", "ID2", "ID3"},
      Context: context.Background(),
    },
  )
  if err != nil {
    panic(falcon.ErrorExplain(err))
  }

  fmt.Printf("%+v\n", response.Payload)
}

import { FalconClient } from "crowdstrike-falcon";

const client = new FalconClient({
  cloud: process.env.FALCON_CLOUD!,
  clientId: process.env.FALCON_CLIENT_ID!,
  clientSecret: process.env.FALCON_CLIENT_SECRET!,
});

const response = await client.dataProtectionConfiguration.entitiesWebLocationGetV2(["ID1", "ID2", "ID3"]);  // ids

console.log(response);

require "crimson-falcon"

Falcon.configure do |config|
  config.client_id = ENV["FALCON_CLIENT_ID"]
  config.client_secret = ENV["FALCON_CLIENT_SECRET"]
  config.cloud = ENV["FALCON_CLOUD"]
end

api = Falcon::DataProtectionConfiguration.new

response = api.entities_web_location_get_v2(['ID1', 'ID2', 'ID3'])

puts response

entities_web_location_create_v2

Persist the given web-locations.

POST /data-protection/entities/web-locations/v2

Scope Data Protection: WRITE Consumes · Produces application/json

PEP 8 create_web_location

Parameters

Name	Type	Data type	Description
body	body	dictionary	Full body payload in JSON format
application_id	body	string	The ID of the application.
deleted	body	boolean	Flag indicating if this location is deleted.
enterprise_account_id	body	string	Associated enterprise account ID.
location_type	body	string	Location type.
name	body	string	Location name.
provider_location_id	body	string	Provider location ID.
provider_location_name	body	string	Provider location name.
type	body	string	Type.

Code Examples

from falconpy import DataProtectionConfiguration

falcon = DataProtectionConfiguration(client_id=CLIENT_ID,
                                     client_secret=CLIENT_SECRET
                                     )

response = falcon.create_web_location(application_id="string",
                                      application_id="string",
                                      deleted=boolean,
                                      enterprise_account_id="string",
                                      location_type="string",
                                      name="string",
                                      provider_location_id="string",
                                      provider_location_name="string",
                                      type="string")
print(response)

from falconpy import DataProtectionConfiguration

falcon = DataProtectionConfiguration(client_id=CLIENT_ID,
                                     client_secret=CLIENT_SECRET
                                     )

response = falcon.entities_web_location_create_v2(application_id="string",
                                                  application_id="string",
                                                  deleted=boolean,
                                                  enterprise_account_id="string",
                                                  location_type="string",
                                                  name="string",
                                                  provider_location_id="string",
                                                  provider_location_name="string",
                                                  type="string")
print(response)

from falconpy import APIHarnessV2

falcon = APIHarnessV2(client_id=CLIENT_ID,
                      client_secret=CLIENT_SECRET
                      )

body_payload = {
    "web_locations": [
        {
            "application_id": "string",
            "deleted": boolean,
            "enterprise_account_id": "string",
            "location_type": "string",
            "name": "string",
            "provider_location_id": "string",
            "provider_location_name": "string",
            "type": "string"
        }
    ]
}

response = falcon.command("entities_web_location_create_v2", body=body_payload)
print(response)

package main

import (
  "context"
  "fmt"
  "os"

  "github.com/crowdstrike/gofalcon/falcon"
  "github.com/crowdstrike/gofalcon/falcon/client/data_protection_configuration"
  "github.com/crowdstrike/gofalcon/falcon/models"
)

func main() {
  client, err := falcon.NewClient(&falcon.ApiConfig{
    ClientId:     os.Getenv("FALCON_CLIENT_ID"),
    ClientSecret: os.Getenv("FALCON_CLIENT_SECRET"),
    Context:      context.Background(),
  })
  if err != nil {
    panic(err)
  }

  application_id := "string"
  deleted := boolean
  enterprise_account_id := "string"
  location_type := "string"
  name := "string"
  provider_location_id := "string"
  provider_location_name := "string"
  type := "string"

  response, err := client.DataProtectionConfiguration.EntitiesWebLocationCreateV2(
    &data_protection_configuration.EntitiesWebLocationCreateV2Params{
      Body: &models.APICreateWebLocationsRequestV2{
        WebLocations: []interface{}{
          {
          ApplicationID: &application_id,
          Deleted: &deleted,
          EnterpriseAccountID: &enterprise_account_id,
          LocationType: &location_type,
          Name: &name,
          ProviderLocationID: &provider_location_id,
          ProviderLocationName: &provider_location_name,
          Type: &type,
          },
        },
      },
      Context: context.Background(),
    },
  )
  if err != nil {
    panic(falcon.ErrorExplain(err))
  }

  fmt.Printf("%+v\n", response.Payload)
}

import { FalconClient } from "crowdstrike-falcon";

const client = new FalconClient({
  cloud: process.env.FALCON_CLOUD!,
  clientId: process.env.FALCON_CLIENT_ID!,
  clientSecret: process.env.FALCON_CLIENT_SECRET!,
});

const response = await client.dataProtectionConfiguration.entitiesWebLocationCreateV2(
  {
    webLocations: [{
        applicationId: "string",
        deleted: boolean,
        enterpriseAccountId: "string",
        locationType: "string",
        name: "string",
        providerLocationId: "string",
        providerLocationName: "string",
        type: "string"
      }]
}  // body
);

console.log(response);

require "crimson-falcon"

Falcon.configure do |config|
  config.client_id = ENV["FALCON_CLIENT_ID"]
  config.client_secret = ENV["FALCON_CLIENT_SECRET"]
  config.cloud = ENV["FALCON_CLOUD"]
end

api = Falcon::DataProtectionConfiguration.new

body = Falcon::ApiCreateWebLocationsRequestV2.new(
  web_locations: [{
      application_id: 'string',
      deleted: boolean,
      enterprise_account_id: 'string',
      location_type: 'string',
      name: 'string',
      provider_location_id: 'string',
      provider_location_name: 'string',
      type: 'string'
    }]
)

response = api.entities_web_location_create_v2(body)

puts response

entities_web_location_patch_v2

Update a web-location.

PATCH /data-protection/entities/web-locations/v2

Scope Data Protection: WRITE Consumes · Produces application/json

PEP 8 update_web_location

Parameters

Name	Type	Data type	Description
id	query	string	The web-location entity ID to update.
body	body	dictionary	Full body payload in JSON format
application_id	body	string	The ID of the application.
deleted	body	boolean	Flag indicating if this location is deleted.
enterprise_account_id	body	string	Associated enterprise account ID.
location_type	body	string	Location type.
name	body	string	Location name.
provider_location_id	body	string	Provider location ID.
provider_location_name	body	string	Provider location name.
type	body	string	Type.
parameters	query	dictionary	Full query string parameters payload in JSON format.

Code Examples

from falconpy import DataProtectionConfiguration

falcon = DataProtectionConfiguration(client_id=CLIENT_ID,
                                     client_secret=CLIENT_SECRET
                                     )

response = falcon.update_web_location(application_id="string",
                                      application_id="string",
                                      deleted=boolean,
                                      enterprise_account_id="string",
                                      location_type="string",
                                      name="string",
                                      provider_location_id="string",
                                      provider_location_name="string",
                                      type="string")
print(response)

from falconpy import DataProtectionConfiguration

falcon = DataProtectionConfiguration(client_id=CLIENT_ID,
                                     client_secret=CLIENT_SECRET
                                     )

response = falcon.entities_web_location_patch_v2(application_id="string",
                                                 application_id="string",
                                                 deleted=boolean,
                                                 enterprise_account_id="string",
                                                 location_type="string",
                                                 name="string",
                                                 provider_location_id="string",
                                                 provider_location_name="string",
                                                 type="string")
print(response)

from falconpy import APIHarnessV2

falcon = APIHarnessV2(client_id=CLIENT_ID,
                      client_secret=CLIENT_SECRET
                      )

body_payload = {
    "application_id": "string",
    "deleted": boolean,
    "enterprise_account_id": "string",
    "id": "string",
    "location_type": "string",
    "name": "string",
    "provider_location_id": "string",
    "provider_location_name": "string",
    "type": "string"
}

response = falcon.command("entities_web_location_patch_v2",
                          id="string",
                          body=body_payload)
print(response)

package main

import (
  "context"
  "fmt"
  "os"

  "github.com/crowdstrike/gofalcon/falcon"
  "github.com/crowdstrike/gofalcon/falcon/client/data_protection_configuration"
  "github.com/crowdstrike/gofalcon/falcon/models"
)

func main() {
  client, err := falcon.NewClient(&falcon.ApiConfig{
    ClientId:     os.Getenv("FALCON_CLIENT_ID"),
    ClientSecret: os.Getenv("FALCON_CLIENT_SECRET"),
    Context:      context.Background(),
  })
  if err != nil {
    panic(err)
  }

  application_id := "string"
  deleted := boolean
  enterprise_account_id := "string"
  id := "string"
  location_type := "string"
  name := "string"
  provider_location_id := "string"
  provider_location_name := "string"
  type := "string"

  response, err := client.DataProtectionConfiguration.EntitiesWebLocationPatchV2(
    &data_protection_configuration.EntitiesWebLocationPatchV2Params{
      Body: &models.APIUpdateWebLocationRequestV2{
        ApplicationID: &application_id,
        Deleted: &deleted,
        EnterpriseAccountID: &enterprise_account_id,
        ID: &id,
        LocationType: &location_type,
        Name: &name,
        ProviderLocationID: &provider_location_id,
        ProviderLocationName: &provider_location_name,
        Type: &type,
      },
      ID: "string",
      Context: context.Background(),
    },
  )
  if err != nil {
    panic(falcon.ErrorExplain(err))
  }

  fmt.Printf("%+v\n", response.Payload)
}

import { FalconClient } from "crowdstrike-falcon";

const client = new FalconClient({
  cloud: process.env.FALCON_CLOUD!,
  clientId: process.env.FALCON_CLIENT_ID!,
  clientSecret: process.env.FALCON_CLIENT_SECRET!,
});

const response = await client.dataProtectionConfiguration.entitiesWebLocationPatchV2(
  "string",  // id
  {  // body
      applicationId: "string",
      deleted: boolean,
      enterpriseAccountId: "string",
      id: "string",
      locationType: "string",
      name: "string",
      providerLocationId: "string",
      providerLocationName: "string",
      type: "string"
  }
);

console.log(response);

require "crimson-falcon"

Falcon.configure do |config|
  config.client_id = ENV["FALCON_CLIENT_ID"]
  config.client_secret = ENV["FALCON_CLIENT_SECRET"]
  config.cloud = ENV["FALCON_CLOUD"]
end

api = Falcon::DataProtectionConfiguration.new

body = Falcon::ApiUpdateWebLocationRequestV2.new(
  application_id: 'string',
  deleted: boolean,
  enterprise_account_id: 'string',
  id: 'string',
  location_type: 'string',
  name: 'string',
  provider_location_id: 'string',
  provider_location_name: 'string',
  type: 'string'
)

response = api.entities_web_location_patch_v2(body, 'string')

puts response

entities_web_location_delete_v2

Delete web-location.

DELETE /data-protection/entities/web-locations/v2

Scope Data Protection: WRITE Consumes · Produces application/json

PEP 8 delete_web_location

Parameters

Name	Type	Data type	Description
ids	query	list of strings	The IDs of the web-location to delete.
parameters	query	dictionary	Full query string parameters payload in JSON format.

Code Examples

from falconpy import DataProtectionConfiguration

falcon = DataProtectionConfiguration(client_id=CLIENT_ID,
                                     client_secret=CLIENT_SECRET
                                     )

id_list = 'ID1,ID2,ID3'  # Can also pass a list here: ['ID1', 'ID2', 'ID3']

response = falcon.delete_web_location(ids=id_list)
print(response)

from falconpy import DataProtectionConfiguration

falcon = DataProtectionConfiguration(client_id=CLIENT_ID,
                                     client_secret=CLIENT_SECRET
                                     )

id_list = 'ID1,ID2,ID3'  # Can also pass a list here: ['ID1', 'ID2', 'ID3']

response = falcon.entities_web_location_delete_v2(ids=id_list)
print(response)

from falconpy import APIHarnessV2

falcon = APIHarnessV2(client_id=CLIENT_ID,
                      client_secret=CLIENT_SECRET
                      )

id_list = 'ID1,ID2,ID3'  # Can also pass a list here: ['ID1', 'ID2', 'ID3']

response = falcon.command("entities_web_location_delete_v2",
                          ids=id_list)
print(response)

package main

import (
  "context"
  "fmt"
  "os"

  "github.com/crowdstrike/gofalcon/falcon"
  "github.com/crowdstrike/gofalcon/falcon/client/data_protection_configuration"
)

func main() {
  client, err := falcon.NewClient(&falcon.ApiConfig{
    ClientId:     os.Getenv("FALCON_CLIENT_ID"),
    ClientSecret: os.Getenv("FALCON_CLIENT_SECRET"),
    Context:      context.Background(),
  })
  if err != nil {
    panic(err)
  }

  response, err := client.DataProtectionConfiguration.EntitiesWebLocationDeleteV2(
    &data_protection_configuration.EntitiesWebLocationDeleteV2Params{
      Ids: []string{"ID1", "ID2", "ID3"},
      Context: context.Background(),
    },
  )
  if err != nil {
    panic(falcon.ErrorExplain(err))
  }

  fmt.Printf("%+v\n", response.Payload)
}

import { FalconClient } from "crowdstrike-falcon";

const client = new FalconClient({
  cloud: process.env.FALCON_CLOUD!,
  clientId: process.env.FALCON_CLIENT_ID!,
  clientSecret: process.env.FALCON_CLIENT_SECRET!,
});

const response = await client.dataProtectionConfiguration.entitiesWebLocationDeleteV2(["ID1", "ID2", "ID3"]);  // ids

console.log(response);

require "crimson-falcon"

Falcon.configure do |config|
  config.client_id = ENV["FALCON_CLIENT_ID"]
  config.client_secret = ENV["FALCON_CLIENT_SECRET"]
  config.cloud = ENV["FALCON_CLOUD"]
end

api = Falcon::DataProtectionConfiguration.new

response = api.entities_web_location_delete_v2(['ID1', 'ID2', 'ID3'])

puts response

queries_classification_get_v2

Search for classifications that match the provided criteria.

GET /data-protection/queries/classifications/v2

Scope Data Protection: READ Consumes · Produces application/json

PEP 8 query_classifications

Parameters

Name	Type	Data type	Description
filter	query	string	Filter results by specific attributes. Allowed attributes are: `name`, `created_at`, `modified_at`, `properties.content_patterns`, `properties.content_patterns_operator`, `properties.file_types`, `properties.sensitivity_labels`, `created_by`, `modified_by`, `properties.evidence_duplication_enabled`, `properties.protection_mode`, `properties.web_sources`.
sort	query	string	The property to sort by. Allowed fields are: `name`, `created_at`, `modified_at`.
limit	query	integer	The maximum records to return. [maximum: 500, minimum: integer, default: 100]
offset	query	integer	The offset to start retrieving records from. [maximum: 10000, minimum: integer]
parameters	query	dictionary	Full query string parameters payload in JSON format.

Code Examples

from falconpy import DataProtectionConfiguration

falcon = DataProtectionConfiguration(client_id=CLIENT_ID,
                                     client_secret=CLIENT_SECRET
                                     )

response = falcon.query_classifications(filter="string",
                                        offset=integer,
                                        limit=integer,
                                        sort="string")
print(response)

from falconpy import DataProtectionConfiguration

falcon = DataProtectionConfiguration(client_id=CLIENT_ID,
                                     client_secret=CLIENT_SECRET
                                     )

response = falcon.queries_classification_get_v2(filter="string",
                                                offset=integer,
                                                limit=integer,
                                                sort="string")
print(response)

from falconpy import APIHarnessV2

falcon = APIHarnessV2(client_id=CLIENT_ID,
                      client_secret=CLIENT_SECRET
                      )

response = falcon.command("queries_classification_get_v2",
                          filter="string",
                          offset=integer,
                          limit=integer,
                          sort="string")
print(response)

package main

import (
  "context"
  "fmt"
  "os"

  "github.com/crowdstrike/gofalcon/falcon"
  "github.com/crowdstrike/gofalcon/falcon/client/data_protection_configuration"
)

func main() {
  client, err := falcon.NewClient(&falcon.ApiConfig{
    ClientId:     os.Getenv("FALCON_CLIENT_ID"),
    ClientSecret: os.Getenv("FALCON_CLIENT_SECRET"),
    Context:      context.Background(),
  })
  if err != nil {
    panic(err)
  }

  filter := "string"
  offset := int64(0)
  limit := int64(0)
  sort := "string"

  response, err := client.DataProtectionConfiguration.QueriesClassificationGetV2(
    &data_protection_configuration.QueriesClassificationGetV2Params{
      Filter: &filter,
      Offset: &offset,
      Limit: &limit,
      Sort: &sort,
      Context: context.Background(),
    },
  )
  if err != nil {
    panic(falcon.ErrorExplain(err))
  }

  fmt.Printf("%+v\n", response.Payload)
}

import { FalconClient } from "crowdstrike-falcon";

const client = new FalconClient({
  cloud: process.env.FALCON_CLOUD!,
  clientId: process.env.FALCON_CLIENT_ID!,
  clientSecret: process.env.FALCON_CLIENT_SECRET!,
});

const response = await client.dataProtectionConfiguration.queriesClassificationGetV2(
  "string",  // filter
  integer,  // offset
  integer,  // limit
  "string"  // sort
);

console.log(response);

queries_cloud_application_get_v2

Get all cloud-application IDs matching the query with filter.

GET /data-protection/queries/cloud-applications/v2

Scope Data Protection: READ Consumes · Produces application/json

PEP 8 query_cloud_applications

Parameters

Name	Type	Data type	Description
filter	query	string	Optional filter for searching cloud applications.
sort	query	string	The sort instructions to order by on.
limit	query	integer	The number of items to return in this response (default: 100, max: 500). Use with the offset parameter to manage pagination of results.
offset	query	integer	The offset to start retrieving records from. Use with the limit parameter to manage pagination of results.
parameters	query	dictionary	Full query string parameters payload in JSON format.

Code Examples

from falconpy import DataProtectionConfiguration

falcon = DataProtectionConfiguration(client_id=CLIENT_ID,
                                     client_secret=CLIENT_SECRET
                                     )

response = falcon.query_cloud_applications(filter="string",
                                           sort="string",
                                           limit=integer,
                                           offset=integer)
print(response)

from falconpy import DataProtectionConfiguration

falcon = DataProtectionConfiguration(client_id=CLIENT_ID,
                                     client_secret=CLIENT_SECRET
                                     )

response = falcon.queries_cloud_application_get_v2(filter="string",
                                                   sort="string",
                                                   limit=integer,
                                                   offset=integer)
print(response)

from falconpy import APIHarnessV2

falcon = APIHarnessV2(client_id=CLIENT_ID,
                      client_secret=CLIENT_SECRET
                      )

response = falcon.command("queries_cloud_application_get_v2",
                          filter="string",
                          sort="string",
                          limit=integer,
                          offset=integer)
print(response)

package main

import (
  "context"
  "fmt"
  "os"

  "github.com/crowdstrike/gofalcon/falcon"
  "github.com/crowdstrike/gofalcon/falcon/client/data_protection_configuration"
)

func main() {
  client, err := falcon.NewClient(&falcon.ApiConfig{
    ClientId:     os.Getenv("FALCON_CLIENT_ID"),
    ClientSecret: os.Getenv("FALCON_CLIENT_SECRET"),
    Context:      context.Background(),
  })
  if err != nil {
    panic(err)
  }

  filter := "string"
  sort := "string"
  limit := int64(0)
  offset := int64(0)

  response, err := client.DataProtectionConfiguration.QueriesCloudApplicationGetV2(
    &data_protection_configuration.QueriesCloudApplicationGetV2Params{
      Filter: &filter,
      Sort: &sort,
      Limit: &limit,
      Offset: &offset,
      Context: context.Background(),
    },
  )
  if err != nil {
    panic(falcon.ErrorExplain(err))
  }

  fmt.Printf("%+v\n", response.Payload)
}

import { FalconClient } from "crowdstrike-falcon";

const client = new FalconClient({
  cloud: process.env.FALCON_CLOUD!,
  clientId: process.env.FALCON_CLIENT_ID!,
  clientSecret: process.env.FALCON_CLIENT_SECRET!,
});

const response = await client.dataProtectionConfiguration.queriesCloudApplicationGetV2(
  "string",  // filter
  "string",  // sort
  integer,  // limit
  integer  // offset
);

console.log(response);

require "crimson-falcon"

Falcon.configure do |config|
  config.client_id = ENV["FALCON_CLIENT_ID"]
  config.client_secret = ENV["FALCON_CLIENT_SECRET"]
  config.cloud = ENV["FALCON_CLOUD"]
end

api = Falcon::DataProtectionConfiguration.new

response = api.queries_cloud_application_get_v2(filter: 'string',
                                                sort: 'string',
                                                limit: integer,
                                                offset: integer)

puts response

queries_content_pattern_get_v2

Get all content-pattern IDs matching the query with filter.

GET /data-protection/queries/content-patterns/v2

Scope Data Protection: READ Consumes · Produces application/json

PEP 8 query_content_patterns

Parameters

Name	Type	Data type	Description
filter	query	string	The filter to use when finding content patterns.
sort	query	string	The sort instructions to order by on.
limit	query	integer	The number of items to return in this response (default: 100, max: 500). Use with the offset parameter to manage pagination of results.
offset	query	integer	The offset to start retrieving records from. Use with the limit parameter to manage pagination of results.
parameters	query	dictionary	Full query string parameters payload in JSON format.

Code Examples

from falconpy import DataProtectionConfiguration

falcon = DataProtectionConfiguration(client_id=CLIENT_ID,
                                     client_secret=CLIENT_SECRET
                                     )

response = falcon.query_content_patterns(filter="string",
                                         sort="string",
                                         limit=integer,
                                         offset=integer)
print(response)

from falconpy import DataProtectionConfiguration

falcon = DataProtectionConfiguration(client_id=CLIENT_ID,
                                     client_secret=CLIENT_SECRET
                                     )

response = falcon.queries_content_pattern_get_v2(filter="string",
                                                 sort="string",
                                                 limit=integer,
                                                 offset=integer)
print(response)

from falconpy import APIHarnessV2

falcon = APIHarnessV2(client_id=CLIENT_ID,
                      client_secret=CLIENT_SECRET
                      )

response = falcon.command("queries_content_pattern_get_v2",
                          filter="string",
                          sort="string",
                          limit=integer,
                          offset=integer)
print(response)

package main

import (
  "context"
  "fmt"
  "os"

  "github.com/crowdstrike/gofalcon/falcon"
  "github.com/crowdstrike/gofalcon/falcon/client/data_protection_configuration"
)

func main() {
  client, err := falcon.NewClient(&falcon.ApiConfig{
    ClientId:     os.Getenv("FALCON_CLIENT_ID"),
    ClientSecret: os.Getenv("FALCON_CLIENT_SECRET"),
    Context:      context.Background(),
  })
  if err != nil {
    panic(err)
  }

  filter := "string"
  sort := "string"
  limit := int64(0)
  offset := int64(0)

  response, err := client.DataProtectionConfiguration.QueriesContentPatternGetV2(
    &data_protection_configuration.QueriesContentPatternGetV2Params{
      Filter: &filter,
      Sort: &sort,
      Limit: &limit,
      Offset: &offset,
      Context: context.Background(),
    },
  )
  if err != nil {
    panic(falcon.ErrorExplain(err))
  }

  fmt.Printf("%+v\n", response.Payload)
}

import { FalconClient } from "crowdstrike-falcon";

const client = new FalconClient({
  cloud: process.env.FALCON_CLOUD!,
  clientId: process.env.FALCON_CLIENT_ID!,
  clientSecret: process.env.FALCON_CLIENT_SECRET!,
});

const response = await client.dataProtectionConfiguration.queriesContentPatternGetV2(
  "string",  // filter
  "string",  // sort
  integer,  // limit
  integer  // offset
);

console.log(response);

require "crimson-falcon"

Falcon.configure do |config|
  config.client_id = ENV["FALCON_CLIENT_ID"]
  config.client_secret = ENV["FALCON_CLIENT_SECRET"]
  config.cloud = ENV["FALCON_CLOUD"]
end

api = Falcon::DataProtectionConfiguration.new

response = api.queries_content_pattern_get_v2(filter: 'string',
                                              sort: 'string',
                                              limit: integer,
                                              offset: integer)

puts response

queries_enterprise_account_get_v2

Get all enterprise-account IDs matching the query with filter.

GET /data-protection/queries/enterprise-accounts/v2

Scope Data Protection: READ Consumes · Produces application/json

PEP 8 query_enterprise_accounts

Parameters

Name	Type	Data type	Description
filter	query	string	The filter to use when finding enterprise accounts.
sort	query	string	The sort instructions to order by on.
limit	query	integer	The number of items to return in this response (default: 100, max: 500). Use with the offset parameter to manage pagination of results.
offset	query	integer	The offset to start retrieving records from. Use with the limit parameter to manage pagination of results.
parameters	query	dictionary	Full query string parameters payload in JSON format.

Code Examples

from falconpy import DataProtectionConfiguration

falcon = DataProtectionConfiguration(client_id=CLIENT_ID,
                                     client_secret=CLIENT_SECRET
                                     )

response = falcon.query_enterprise_accounts(filter="string",
                                            sort=integer,
                                            limit=integer,
                                            offset=integer)
print(response)

from falconpy import DataProtectionConfiguration

falcon = DataProtectionConfiguration(client_id=CLIENT_ID,
                                     client_secret=CLIENT_SECRET
                                     )

response = falcon.queries_enterprise_account_get_v2(filter="string",
                                                    sort=integer,
                                                    limit=integer,
                                                    offset=integer)
print(response)

from falconpy import APIHarnessV2

falcon = APIHarnessV2(client_id=CLIENT_ID,
                      client_secret=CLIENT_SECRET
                      )

response = falcon.command("queries_enterprise_account_get_v2",
                          filter="string",
                          sort="string",
                          limit=integer,
                          offset=integer)
print(response)

package main

import (
  "context"
  "fmt"
  "os"

  "github.com/crowdstrike/gofalcon/falcon"
  "github.com/crowdstrike/gofalcon/falcon/client/data_protection_configuration"
)

func main() {
  client, err := falcon.NewClient(&falcon.ApiConfig{
    ClientId:     os.Getenv("FALCON_CLIENT_ID"),
    ClientSecret: os.Getenv("FALCON_CLIENT_SECRET"),
    Context:      context.Background(),
  })
  if err != nil {
    panic(err)
  }

  filter := "string"
  sort := "string"
  limit := int64(0)
  offset := int64(0)

  response, err := client.DataProtectionConfiguration.QueriesEnterpriseAccountGetV2(
    &data_protection_configuration.QueriesEnterpriseAccountGetV2Params{
      Filter: &filter,
      Sort: &sort,
      Limit: &limit,
      Offset: &offset,
      Context: context.Background(),
    },
  )
  if err != nil {
    panic(falcon.ErrorExplain(err))
  }

  fmt.Printf("%+v\n", response.Payload)
}

import { FalconClient } from "crowdstrike-falcon";

const client = new FalconClient({
  cloud: process.env.FALCON_CLOUD!,
  clientId: process.env.FALCON_CLIENT_ID!,
  clientSecret: process.env.FALCON_CLIENT_SECRET!,
});

const response = await client.dataProtectionConfiguration.queriesEnterpriseAccountGetV2(
  "string",  // filter
  "string",  // sort
  integer,  // limit
  integer  // offset
);

console.log(response);

require "crimson-falcon"

Falcon.configure do |config|
  config.client_id = ENV["FALCON_CLIENT_ID"]
  config.client_secret = ENV["FALCON_CLIENT_SECRET"]
  config.cloud = ENV["FALCON_CLOUD"]
end

api = Falcon::DataProtectionConfiguration.new

response = api.queries_enterprise_account_get_v2(filter: 'string',
                                                 sort: 'string',
                                                 limit: integer,
                                                 offset: integer)

puts response

queries_file_type_get_v2

Get all file-type IDs matching the query with filter.

GET /data-protection/queries/file-types/v2

Scope Data Protection: READ Consumes · Produces application/json

PEP 8 query_file_type

Parameters

Name	Type	Data type	Description
filter	query	string	The filter to use when finding file types.
sort	query	string	The sort instructions to order by on.
limit	query	integer	The number of items to return in this response (default: 100, max: 500). Use with the offset parameter to manage pagination of results.
offset	query	integer	The offset to start retrieving records from. Use with the limit parameter to manage pagination of results.
parameters	query	dictionary	Full query string parameters payload in JSON format.

Code Examples

from falconpy import DataProtectionConfiguration

falcon = DataProtectionConfiguration(client_id=CLIENT_ID,
                                     client_secret=CLIENT_SECRET
                                     )

response = falcon.query_file_type(filter="string",
                                  sort="string",
                                  limit=integer,
                                  offset=integer)
print(response)

from falconpy import DataProtectionConfiguration

falcon = DataProtectionConfiguration(client_id=CLIENT_ID,
                                     client_secret=CLIENT_SECRET
                                     )

response = falcon.queries_file_type_get_v2(filter="string",
                                           sort="string",
                                           limit=integer,
                                           offset=integer)
print(response)

from falconpy import APIHarnessV2

falcon = APIHarnessV2(client_id=CLIENT_ID,
                      client_secret=CLIENT_SECRET
                      )

response = falcon.command("queries_file_type_get_v2",
                          filter="string",
                          sort="string",
                          limit=integer,
                          offset=integer)
print(response)

package main

import (
  "context"
  "fmt"
  "os"

  "github.com/crowdstrike/gofalcon/falcon"
  "github.com/crowdstrike/gofalcon/falcon/client/data_protection_configuration"
)

func main() {
  client, err := falcon.NewClient(&falcon.ApiConfig{
    ClientId:     os.Getenv("FALCON_CLIENT_ID"),
    ClientSecret: os.Getenv("FALCON_CLIENT_SECRET"),
    Context:      context.Background(),
  })
  if err != nil {
    panic(err)
  }

  filter := "string"
  sort := "string"
  limit := int64(0)
  offset := int64(0)

  response, err := client.DataProtectionConfiguration.QueriesFileTypeGetV2(
    &data_protection_configuration.QueriesFileTypeGetV2Params{
      Filter: &filter,
      Sort: &sort,
      Limit: &limit,
      Offset: &offset,
      Context: context.Background(),
    },
  )
  if err != nil {
    panic(falcon.ErrorExplain(err))
  }

  fmt.Printf("%+v\n", response.Payload)
}

import { FalconClient } from "crowdstrike-falcon";

const client = new FalconClient({
  cloud: process.env.FALCON_CLOUD!,
  clientId: process.env.FALCON_CLIENT_ID!,
  clientSecret: process.env.FALCON_CLIENT_SECRET!,
});

const response = await client.dataProtectionConfiguration.queriesFileTypeGetV2(
  "string",  // filter
  "string",  // sort
  integer,  // limit
  integer  // offset
);

console.log(response);

require "crimson-falcon"

Falcon.configure do |config|
  config.client_id = ENV["FALCON_CLIENT_ID"]
  config.client_secret = ENV["FALCON_CLIENT_SECRET"]
  config.cloud = ENV["FALCON_CLOUD"]
end

api = Falcon::DataProtectionConfiguration.new

response = api.queries_file_type_get_v2(filter: 'string',
                                        sort: 'string',
                                        limit: integer,
                                        offset: integer)

puts response

queries_sensitivity_label_get_v2

Get all sensitivity label IDs matching the query with filter.

GET /data-protection/queries/labels/v2

Scope Data Protection: READ Consumes · Produces application/json

PEP 8 query_sensitivity_label

Parameters

Name	Type	Data type	Description
filter	query	string	The filter to use when finding sensitivity labels.
sort	query	string	The sort instructions to order by on.
limit	query	integer	The number of items to return in this response (default: 100, max: 500). Use with the offset parameter to manage pagination of results.
offset	query	integer	The offset to start retrieving records from. Use with the limit parameter to manage pagination of results.
parameters	query	dictionary	Full query string parameters payload in JSON format.

Code Examples

from falconpy import DataProtectionConfiguration

falcon = DataProtectionConfiguration(client_id=CLIENT_ID,
                                     client_secret=CLIENT_SECRET
                                     )

response = falcon.query_sensitivity_label(filter="string",
                                          sort="string",
                                          limit=integer,
                                          offset=integer)
print(response)

from falconpy import DataProtectionConfiguration

falcon = DataProtectionConfiguration(client_id=CLIENT_ID,
                                     client_secret=CLIENT_SECRET
                                     )

response = falcon.queries_sensitivity_label_get_v2(filter="string",
                                                   sort="string",
                                                   limit=integer,
                                                   offset=integer)
print(response)

from falconpy import APIHarnessV2

falcon = APIHarnessV2(client_id=CLIENT_ID,
                      client_secret=CLIENT_SECRET
                      )

response = falcon.command("queries_sensitivity_label_get_v2",
                          filter="string",
                          sort="string",
                          limit=integer,
                          offset=integer)
print(response)

package main

import (
  "context"
  "fmt"
  "os"

  "github.com/crowdstrike/gofalcon/falcon"
  "github.com/crowdstrike/gofalcon/falcon/client/data_protection_configuration"
)

func main() {
  client, err := falcon.NewClient(&falcon.ApiConfig{
    ClientId:     os.Getenv("FALCON_CLIENT_ID"),
    ClientSecret: os.Getenv("FALCON_CLIENT_SECRET"),
    Context:      context.Background(),
  })
  if err != nil {
    panic(err)
  }

  filter := "string"
  sort := "string"
  limit := int64(0)
  offset := int64(0)

  response, err := client.DataProtectionConfiguration.QueriesSensitivityLabelGetV2(
    &data_protection_configuration.QueriesSensitivityLabelGetV2Params{
      Filter: &filter,
      Sort: &sort,
      Limit: &limit,
      Offset: &offset,
      Context: context.Background(),
    },
  )
  if err != nil {
    panic(falcon.ErrorExplain(err))
  }

  fmt.Printf("%+v\n", response.Payload)
}

import { FalconClient } from "crowdstrike-falcon";

const client = new FalconClient({
  cloud: process.env.FALCON_CLOUD!,
  clientId: process.env.FALCON_CLIENT_ID!,
  clientSecret: process.env.FALCON_CLIENT_SECRET!,
});

const response = await client.dataProtectionConfiguration.queriesSensitivityLabelGetV2(
  "string",  // filter
  "string",  // sort
  integer,  // limit
  integer  // offset
);

console.log(response);

require "crimson-falcon"

Falcon.configure do |config|
  config.client_id = ENV["FALCON_CLIENT_ID"]
  config.client_secret = ENV["FALCON_CLIENT_SECRET"]
  config.cloud = ENV["FALCON_CLOUD"]
end

api = Falcon::DataProtectionConfiguration.new

response = api.queries_sensitivity_label_get_v2(filter: 'string',
                                                sort: 'string',
                                                limit: integer,
                                                offset: integer)

puts response

queries_local_application_group_get

Get all local application group IDs matching the query with filter.

GET /data-protection/queries/local-application-groups/v1

Scope Data Protection: READ Consumes · Produces application/json

PEP 8 query_local_application_groups

Parameters

Name	Type	Data type	Description
filter	query	string	Optional filter for searching local application groups. Allowed filters are: `name` (string), `is_deleted` (boolean), `platform` (string), `created_at` and `updated_at`.
limit	query	integer	The number of items to return in this response (default: 100, max: 500). Use with the offset parameter to manage pagination of results.
offset	query	integer	The offset to start retrieving records from. Use with the limit parameter to manage pagination of results.
parameters	query	dictionary	Full query string parameters payload in JSON format.

Code Examples

from falconpy import DataProtectionConfiguration

falcon = DataProtectionConfiguration(client_id=CLIENT_ID,
                                     client_secret=CLIENT_SECRET
                                     )

response = falcon.query_local_application_groups(filter="string",
                                                 limit=integer,
                                                 offset=integer)
print(response)

from falconpy import DataProtectionConfiguration

falcon = DataProtectionConfiguration(client_id=CLIENT_ID,
                                     client_secret=CLIENT_SECRET
                                     )

response = falcon.queries_local_application_group_get(filter="string",
                                                      limit=integer,
                                                      offset=integer)
print(response)

from falconpy import APIHarnessV2

falcon = APIHarnessV2(client_id=CLIENT_ID,
                      client_secret=CLIENT_SECRET
                      )

response = falcon.command("queries_local_application_group_get",
                          filter="string",
                          limit=integer,
                          offset=integer)
print(response)

package main

import (
  "context"
  "fmt"
  "os"

  "github.com/crowdstrike/gofalcon/falcon"
  "github.com/crowdstrike/gofalcon/falcon/client/data_protection_configuration"
)

func main() {
  client, err := falcon.NewClient(&falcon.ApiConfig{
    ClientId:     os.Getenv("FALCON_CLIENT_ID"),
    ClientSecret: os.Getenv("FALCON_CLIENT_SECRET"),
    Context:      context.Background(),
  })
  if err != nil {
    panic(err)
  }

  filter := "string"
  limit := int64(0)
  offset := int64(0)

  response, err := client.DataProtectionConfiguration.QueriesLocalApplicationGroupGet(
    &data_protection_configuration.QueriesLocalApplicationGroupGetParams{
      Filter: &filter,
      Limit: &limit,
      Offset: &offset,
      Context: context.Background(),
    },
  )
  if err != nil {
    panic(falcon.ErrorExplain(err))
  }

  fmt.Printf("%+v\n", response.Payload)
}

import { FalconClient } from "crowdstrike-falcon";

const client = new FalconClient({
  cloud: process.env.FALCON_CLOUD!,
  clientId: process.env.FALCON_CLIENT_ID!,
  clientSecret: process.env.FALCON_CLIENT_SECRET!,
});

const response = await client.dataProtectionConfiguration.queriesLocalApplicationGroupGet(
  "string",  // filter
  integer,  // limit
  integer  // offset
);

console.log(response);

require "crimson-falcon"

Falcon.configure do |config|
  config.client_id = ENV["FALCON_CLIENT_ID"]
  config.client_secret = ENV["FALCON_CLIENT_SECRET"]
  config.cloud = ENV["FALCON_CLOUD"]
end

api = Falcon::DataProtectionConfiguration.new

response = api.queries_local_application_group_get('string')

puts response

queries_local_application_get

Get all local-application IDs matching the query with filter.

GET /data-protection/queries/local-applications/v1

Scope Data Protection: READ Consumes · Produces application/json

PEP 8 query_local_applications

Parameters

Name	Type	Data type	Description
filter	query	string	Optional filter for searching local applications. Allowed filters are: `name` (string), `is_deleted` (boolean), `created_at` and `updated_at`.
limit	query	integer	The number of items to return in this response (default: 100, max: 500). Use with the offset parameter to manage pagination of results.
offset	query	integer	The offset to start retrieving records from. Use with the limit parameter to manage pagination of results.
parameters	query	dictionary	Full query string parameters payload in JSON format.

Code Examples

from falconpy import DataProtectionConfiguration

falcon = DataProtectionConfiguration(client_id=CLIENT_ID,
                                     client_secret=CLIENT_SECRET
                                     )

response = falcon.query_local_applications(filter="string",
                                           limit=integer,
                                           offset=integer)
print(response)

from falconpy import DataProtectionConfiguration

falcon = DataProtectionConfiguration(client_id=CLIENT_ID,
                                     client_secret=CLIENT_SECRET
                                     )

response = falcon.queries_local_application_get(filter="string",
                                                limit=integer,
                                                offset=integer)
print(response)

from falconpy import APIHarnessV2

falcon = APIHarnessV2(client_id=CLIENT_ID,
                      client_secret=CLIENT_SECRET
                      )

response = falcon.command("queries_local_application_get",
                          filter="string",
                          limit=integer,
                          offset=integer)
print(response)

package main

import (
  "context"
  "fmt"
  "os"

  "github.com/crowdstrike/gofalcon/falcon"
  "github.com/crowdstrike/gofalcon/falcon/client/data_protection_configuration"
)

func main() {
  client, err := falcon.NewClient(&falcon.ApiConfig{
    ClientId:     os.Getenv("FALCON_CLIENT_ID"),
    ClientSecret: os.Getenv("FALCON_CLIENT_SECRET"),
    Context:      context.Background(),
  })
  if err != nil {
    panic(err)
  }

  filter := "string"
  limit := int64(0)
  offset := int64(0)

  response, err := client.DataProtectionConfiguration.QueriesLocalApplicationGet(
    &data_protection_configuration.QueriesLocalApplicationGetParams{
      Filter: &filter,
      Limit: &limit,
      Offset: &offset,
      Context: context.Background(),
    },
  )
  if err != nil {
    panic(falcon.ErrorExplain(err))
  }

  fmt.Printf("%+v\n", response.Payload)
}

import { FalconClient } from "crowdstrike-falcon";

const client = new FalconClient({
  cloud: process.env.FALCON_CLOUD!,
  clientId: process.env.FALCON_CLIENT_ID!,
  clientSecret: process.env.FALCON_CLIENT_SECRET!,
});

const response = await client.dataProtectionConfiguration.queriesLocalApplicationGet(
  "string",  // filter
  integer,  // limit
  integer  // offset
);

console.log(response);

require "crimson-falcon"

Falcon.configure do |config|
  config.client_id = ENV["FALCON_CLIENT_ID"]
  config.client_secret = ENV["FALCON_CLIENT_SECRET"]
  config.cloud = ENV["FALCON_CLOUD"]
end

api = Falcon::DataProtectionConfiguration.new

response = api.queries_local_application_get('string')

puts response

queries_policy_get_v2

Search for policies that match the provided criteria.

GET /data-protection/queries/policies/v2

Scope Data Protection: READ Consumes · Produces application/json

PEP 8 query_policies

Parameters

Name	Type	Data type	Description
platform_name	query	string	platform name of the policies to search, either ‘win’ or ‘mac’.
filter	query	string	Filter results by specific attributes. Allowed attributes are: `name`, `properties.enable_content_inspection`, `properties.be_exclude_domains`, `properties.be_upload_timeout_response`, `properties.be_paste_clipboard_max_size`, `properties.evidence_storage_max_size`, `precedence`, `created_at`, `modified_at`, `properties.similarity_threshold`, `properties.enable_clipboard_inspection`, `properties.evidence_encrypted_enabled`, `properties.enable_network_inspection`, `properties.besplash_message_source`, `properties.min_confidence_level`, `properties.unsupported_browsers_action`, `properties.similarity_detection`, `properties.classifications`, `properties.besplash_enabled`, `properties.be_paste_timeout_response`, `properties.be_paste_clipboard_min_size_unit`, `properties.be_paste_clipboard_over_size_behaviour_block`, `properties.browsers_without_active_extension`, `description`, `is_enabled`, `created_by`, `properties.max_file_size_to_inspect_unit`, `properties.block_all_data_access`, `properties.be_paste_timeout_duration_milliseconds`, `properties.be_paste_clipboard_min_size`, `is_default`, `modified_by`, `properties.enable_context_inspection`, `properties.inspection_depth`, `properties.evidence_download_enabled`, `properties.besplash_custom_message`, `properties.be_upload_timeout_duration_seconds`, `properties.enable_end_user_notifications_unsupported_browser`, `properties.custom_allow_notification`, `properties.custom_block_notification`, `properties.be_paste_clipboard_max_size_unit`, `properties.evidence_storage_free_disk_perc`, `properties.max_file_size_to_inspect`, `properties.allow_notifications`, `properties.block_notifications`, `properties.evidence_duplication_enabled_default`, `properties.network_inspection_files_exceeding_size_limit`.
offset	query	integer	The offset to start retrieving records from. [maximum: 10000, minimum: integer]
limit	query	integer	The maximum records to return. [maximum: 500, minimum: integer, default: 100]
sort	query	string	The property to sort by. Allowed fields are: `modified_at`, `name`, `precedence`, `created_at`.
parameters	query	dictionary	Full query string parameters payload in JSON format.

Code Examples

from falconpy import DataProtectionConfiguration

falcon = DataProtectionConfiguration(client_id=CLIENT_ID,
                                     client_secret=CLIENT_SECRET
                                     )

response = falcon.query_policies(platform_name="string",
                                 filter="string",
                                 offset=integer,
                                 limit=integer,
                                 sort="string")
print(response)

from falconpy import DataProtectionConfiguration

falcon = DataProtectionConfiguration(client_id=CLIENT_ID,
                                     client_secret=CLIENT_SECRET
                                     )

response = falcon.queries_policy_get_v2(platform_name="string",
                                        filter="string",
                                        offset=integer,
                                        limit=integer,
                                        sort="string")
print(response)

from falconpy import APIHarnessV2

falcon = APIHarnessV2(client_id=CLIENT_ID,
                      client_secret=CLIENT_SECRET
                      )

response = falcon.command("queries_policy_get_v2",
                          platform_name="string",
                          filter="string",
                          offset=integer,
                          limit=integer,
                          sort="string")
print(response)

package main

import (
  "context"
  "fmt"
  "os"

  "github.com/crowdstrike/gofalcon/falcon"
  "github.com/crowdstrike/gofalcon/falcon/client/data_protection_configuration"
)

func main() {
  client, err := falcon.NewClient(&falcon.ApiConfig{
    ClientId:     os.Getenv("FALCON_CLIENT_ID"),
    ClientSecret: os.Getenv("FALCON_CLIENT_SECRET"),
    Context:      context.Background(),
  })
  if err != nil {
    panic(err)
  }

  filter := "string"
  offset := int64(0)
  limit := int64(0)
  sort := "string"

  response, err := client.DataProtectionConfiguration.QueriesPolicyGetV2(
    &data_protection_configuration.QueriesPolicyGetV2Params{
      PlatformName: "string",
      Filter: &filter,
      Offset: &offset,
      Limit: &limit,
      Sort: &sort,
      Context: context.Background(),
    },
  )
  if err != nil {
    panic(falcon.ErrorExplain(err))
  }

  fmt.Printf("%+v\n", response.Payload)
}

import { FalconClient } from "crowdstrike-falcon";

const client = new FalconClient({
  cloud: process.env.FALCON_CLOUD!,
  clientId: process.env.FALCON_CLIENT_ID!,
  clientSecret: process.env.FALCON_CLIENT_SECRET!,
});

const response = await client.dataProtectionConfiguration.queriesPolicyGetV2(
  "string",  // platformName
  "string",  // filter
  integer,  // offset
  integer,  // limit
  "string"  // sort
);

console.log(response);

queries_web_location_get_v2

Get web-location IDs matching the query with filter.

GET /data-protection/queries/web-locations/v2

Scope Data Protection: READ Consumes · Produces application/json

PEP 8 query_web_locations

Parameters

Name	Type	Data type	Description
filter	query	string	The filter to use when finding web locations.
type	query	string	The type of entity to query. Allowed values are: predefined, custom.
limit	query	integer	The number of items to return in this response (default: 100, max: 500). Use with the offset parameter to manage pagination of results.
offset	query	integer	The offset to start retrieving records from. Use with the limit parameter to manage pagination of results.
parameters	query	dictionary	Full query string parameters payload in JSON format.

Code Examples

from falconpy import DataProtectionConfiguration

falcon = DataProtectionConfiguration(client_id=CLIENT_ID,
                                     client_secret=CLIENT_SECRET
                                     )

response = falcon.query_web_locations(filter="string",
                                      type="string",
                                      limit="string",
                                      offset=integer)
print(response)

from falconpy import DataProtectionConfiguration

falcon = DataProtectionConfiguration(client_id=CLIENT_ID,
                                     client_secret=CLIENT_SECRET
                                     )

response = falcon.queries_web_location_get_v2(filter="string",
                                              type="string",
                                              limit="string",
                                              offset=integer)
print(response)

from falconpy import APIHarnessV2

falcon = APIHarnessV2(client_id=CLIENT_ID,
                      client_secret=CLIENT_SECRET
                      )

response = falcon.command("queries_web_location_get_v2",
                          filter="string",
                          type="string",
                          limit=integer,
                          offset=integer)
print(response)

package main

import (
  "context"
  "fmt"
  "os"

  "github.com/crowdstrike/gofalcon/falcon"
  "github.com/crowdstrike/gofalcon/falcon/client/data_protection_configuration"
)

func main() {
  client, err := falcon.NewClient(&falcon.ApiConfig{
    ClientId:     os.Getenv("FALCON_CLIENT_ID"),
    ClientSecret: os.Getenv("FALCON_CLIENT_SECRET"),
    Context:      context.Background(),
  })
  if err != nil {
    panic(err)
  }

  filter := "string"
  type := "string"
  limit := int64(0)
  offset := int64(0)

  response, err := client.DataProtectionConfiguration.QueriesWebLocationGetV2(
    &data_protection_configuration.QueriesWebLocationGetV2Params{
      Filter: &filter,
      Type: &type,
      Limit: &limit,
      Offset: &offset,
      Context: context.Background(),
    },
  )
  if err != nil {
    panic(falcon.ErrorExplain(err))
  }

  fmt.Printf("%+v\n", response.Payload)
}

import { FalconClient } from "crowdstrike-falcon";

const client = new FalconClient({
  cloud: process.env.FALCON_CLOUD!,
  clientId: process.env.FALCON_CLIENT_ID!,
  clientSecret: process.env.FALCON_CLIENT_SECRET!,
});

const response = await client.dataProtectionConfiguration.queriesWebLocationGetV2(
  "string",  // filter
  "string",  // type
  integer,  // limit
  integer  // offset
);

console.log(response);

require "crimson-falcon"

Falcon.configure do |config|
  config.client_id = ENV["FALCON_CLIENT_ID"]
  config.client_secret = ENV["FALCON_CLIENT_SECRET"]
  config.cloud = ENV["FALCON_CLOUD"]
end

api = Falcon::DataProtectionConfiguration.new

response = api.queries_web_location_get_v2(filter: 'string',
                                           type: 'string',
                                           limit: integer,
                                           offset: integer)

puts response

Data Protection Configuration

Table of Contents

entities_classification_get_v2

Parameters

Code Examples

entities_classification_post_v2

Parameters

Code Examples

entities_classification_patch_v2

Parameters

Code Examples

entities_classification_delete_v2

Parameters

Code Examples

entities_cloud_application_get

Parameters

Code Examples

entities_cloud_application_create

Parameters

Code Examples

entities_cloud_application_patch

Parameters

Code Examples

entities_cloud_application_delete

Parameters

Code Examples

entities_content_pattern_get

Parameters

Code Examples

entities_content_pattern_create

Parameters

Code Examples

entities_content_pattern_patch

Parameters

Code Examples

entities_content_pattern_delete

Parameters

Code Examples

entities_policy_precedence_post_v1

Parameters

Code Examples

entities_enterprise_account_get

Parameters

Code Examples

entities_enterprise_account_create

Parameters

Code Examples

entities_enterprise_account_patch

Parameters

Code Examples

entities_enterprise_account_delete

Parameters

Code Examples

entities_file_type_get

Parameters

Code Examples

entities_sensitivity_label_get_v2

Parameters

Code Examples

entities_sensitivity_label_create_v2

Parameters

Code Examples

entities_sensitivity_label_delete_v2

Parameters

Code Examples

entities_local_application_group_get

Parameters

Code Examples

entities_local_application_group_create

Parameters

Code Examples

entities_local_application_group_patch

Parameters

Code Examples

entities_local_application_group_delete

Parameters

Code Examples

entities_local_application_get

Parameters

Code Examples