Falcon Container

The Falcon Container service collection provides operations for managing container security. Download and manage export jobs, check prevention policies, retrieve image assessment reports, manage registry credentials, and handle container image scan inventories.

| Language | Last Update |
| :--- | :--- |
| Python | v1.6.1 |
| PowerShell | v2.2.9 |
| Go | v0.20.0 |
| TypeScript | v0.6.0 |
| Rust | v0.7.0 |
| Ruby | v1.2.0 |

| Operation | PEP 8 | Description |
| :--- | :--- | :--- |
| DownloadExportFile | download_export_file | Download an export file. |
| ReadExportJobs | read_export_jobs | Read export jobs entities. |
| LaunchExportJob | launch_export_job | Launch an export job of a Container Security resource. Maximum of 1 job in progress per resource. |
| QueryExportJobs | query_export_jobs | Query export jobs entities. |
| PolicyChecks | check_prevention_policies | Perform policy checks against container configurations. |
| GetReportByReference | get_report_by_reference | Retrieve a report by its reference. |
| GetReportByScanID | get_report_by_id | Retrieve a report by scan ID. |
| GetCombinedImages | get_combined_images | Retrieve registry entities identified by the customer ID. |
| GetCredentials | get_credentials | Gets the registry credentials. |
| GetImageAssessmentReport | get_assessment | Retrieve an assessment report for an image by specifying repository and tag. |
| HeadImageScanInventory | get_scan_headers | Get headers for POST request for image scan inventory. |
| DeleteImageDetails | delete_image_details | Delete image details from the CrowdStrike registry. |
| ImageMatchesPolicy | image_matches_policy | Check if an image matches a policy by specifying repository and tag. |
| PostImageScanInventory | scan_inventory | Post image scan inventory. |
| ReadImageVulnerabilities | read_image_vulnerabilities | Retrieve an assessment report for an image by specifying repository and tag. |
| ReadRegistryEntities | read_registry_entities | Retrieve registry entities associated with the client ID. |
| ReadRegistryEntitiesByUUID | read_registry_entities_by_uuid | Retrieve registry entities associated with a specific UUID. |
| DeleteRegistryEntities | delete_registry_entities | Delete registry entities by UUID. |
| CreateRegistryEntities | create_registry_entities | Create registry entities using the provided detail. |
| UpdateRegistryEntities | update_registry_entities | Update the registry entity, as identified by the entity UUID, using the provided details. |

Download an export file.

GET /container-security/entities/exports/files/v1
Scope Falcon Container Image: READ Consumes · Produces application/json
PEP 8 download_export_file

| Name | Type | Data type | Description |
| :--- | :--- | :--- | :--- |
| id | query | string or list of strings | Export Job ID. |
| parameters | query | dictionary | Full query string parameters payload in JSON format. |

```python
from falconpy import FalconContainer
falcon = FalconContainer(client_id=CLIENT_ID,
                         client_secret=CLIENT_SECRET
                         )
with open("output_file", "wb") as save_file:
    response = falcon.download_export_file(id="string", stream=boolean)
    save_file.write(response)
```

Read export jobs entities.

GET /container-security/entities/exports/v1
Scope Falcon Container Image: READ Consumes · Produces application/json
PEP 8 read_export_jobs

| Name | Type | Data type | Description |
| :--- | :--- | :--- | :--- |
| ids | query | string or list of strings | Export Job IDs to read. Allowed up to 100 IDs per request. |
| parameters | query | dictionary | Full query string parameters payload in JSON format. |

```python
from falconpy import FalconContainer
falcon = FalconContainer(client_id=CLIENT_ID,
                         client_secret=CLIENT_SECRET
                         )
id_list = 'ID1,ID2,ID3'  # Can also pass a list here: ['ID1', 'ID2', 'ID3']
response = falcon.read_export_jobs(ids=id_list)
print(response)
```

Launch an export job of a Container Security resource. Maximum of 1 job in progress per resource.

POST /container-security/entities/exports/v1
Scope Falcon Container Image: READ Consumes · Produces application/json
PEP 8 launch_export_job

| Name | Type | Data type | Description |
| :--- | :--- | :--- | :--- |
| body | body | dictionary | Full body payload in JSON format, not required if using other keywords. |
| format | body | string | Export job format. |
| fql | body | string | Falcon Query Language string defining the export job. |
| resource | body | string | Resource to run the export job against. Supported resources: assets.clusters, assets.containers, assets.deployments, assets.images, assets.namespaces, assets.nodes, assets.pods, images.images-assessment-detections-expanded, images.images-assessment-expanded, images.images-assessment-vulnerabilities-expanded, images.images-assessment, images.images-detections, images.packages, images.vulnerabilities, investigate.container-alerts, investigate.drift-indicators, investigate.kubernetes-ioms, investigate.runtime-detections, investigate.unidentified-containers, and policies.exclusions. |
| sort | body | string | Falcon Query Language sort string defining the sort used for the export. |

```python
from falconpy import FalconContainer
falcon = FalconContainer(client_id=CLIENT_ID,
                         client_secret=CLIENT_SECRET
                         )
response = falcon.launch_export_job(expand_vulnerabilities=boolean,
                                    format="string",
                                    fql="string",
                                    resource="string",
                                    sort="string")
print(response)
```

Query export jobs entities.

GET /container-security/queries/exports/v1
Scope Falcon Container Image: READ Consumes · Produces application/json
PEP 8 query_export_jobs

| Name | Type | Data type | Description |
| :--- | :--- | :--- | :--- |
| filter | query | string | Filter exports using a query in Falcon Query Language (FQL). Only the last 100 jobs are returned. Supported filter fields: resource and status. |
| parameters | query | dictionary | Full query string parameters payload in JSON format. |

```python
from falconpy import FalconContainer
falcon = FalconContainer(client_id=CLIENT_ID,
                         client_secret=CLIENT_SECRET
                         )
response = falcon.query_export_jobs(filter="string")
print(response)
```

Get image assessment results by providing an FQL filter and paging details.

GET /container-security/combined/image-assessment/images/v1
Scope Falcon Container Image: READ Consumes · Produces application/json
PEP 8 get_combined_images

| Name | Type | Data type | Description |
| :--- | :--- | :--- | :--- |
| offset | query | integer | The offset to start retrieving records from. |
| parameters | query | dictionary | Full query string parameters payload in JSON format. |
| limit | query | integer | The maximum records to return. [1-100] |
| sort | query | string | The property to sort by (e.g. status.desc or hostname.asc). |
| filter | query | string | Filter images using a query in Falcon Query Language (FQL). Supported filters: container_running_status, cve_id, first_seen, registry, repository, tag, vulnerability_severity. |

```python
from falconpy import ContainerImages
falcon = ContainerImages(client_id=CLIENT_ID,
                         client_secret=CLIENT_SECRET
                         )
response = falcon.get_combined_images(filter="string",
                                      limit=integer,
                                      offset=integer,
                                      sort="string")
print(response)
```

Gets the registry credentials.

GET /container-security/entities/image-registry-credentials/v1
Scope Falcon Container: READ Consumes · Produces application/json
PEP 8 get_credentials

No keywords or arguments accepted.

```python
from falconpy import FalconContainer
falcon = FalconContainer(client_id=CLIENT_ID,
                         client_secret=CLIENT_SECRET
                         )
response = falcon.get_credentials()
print(response)
```

Retrieve an assessment report for an image by specifying image ID and digest or repository and tag.

GET /reports
Scope Falcon Container Image: READ Consumes · Produces application/json
PEP 8 get_assessment

| Name | Type | Data type | Description |
| :--- | :--- | :--- | :--- |
| image_id | query | string | Image ID of the image assessed. Must be provided in conjunction with digest. |
| digest | query | string | Hash digest of the image assessed. Must be provided in conjunction with image_id. |
| parameters | query | dictionary | Full query string parameters payload in JSON format. |
| repository | query | string | Repository where the image resides. Must be provided in conjunction with tag. |
| tag | query | string | Tag used for the image assessed. Must be provided in conjunction with repository. |

If both sets of parameters are provided within the same request, image_id and digest take precedence.

Examples coming soon.


Get headers for POST request for image scan inventory.

HEAD /image-assessment/entities/image-inventory/v1
Scope Falcon Container: READ Consumes · Produces application/json
PEP 8 get_scan_headers

This operation does not accept any parameters.

```python
from falconpy import FalconContainer
falcon = FalconContainer(client_id=CLIENT_ID,
                         client_secret=CLIENT_SECRET
                         )
response = falcon.get_scan_headers()
print(response)
```

Delete image details from the CrowdStrike registry.

DELETE /images/{}
Scope Falcon Container Image: WRITE Consumes · Produces application/json
PEP 8 delete_image_details

| Name | Type | Data type | Description |
| :--- | :--- | :--- | :--- |
| image_id | path | string | ID of the image to delete details for. |

Examples coming soon.


Check if an image matches a policy by specifying repository and tag.

GET /policy-checks
Consumes · Produces application/json
PEP 8 image_matches_policy

| Name | Type | Data type | Description |
| :--- | :--- | :--- | :--- |
| parameters | query | dictionary | Full query string parameters payload in JSON format. |
| repository | query | string | Repository where the image resides. |
| tag | query | string | Tag used for the image assessed. |

Examples coming soon.


Post image scan inventory.

POST /image-assessment/entities/image-inventory/v1
Scope Falcon Container: READ Consumes · Produces application/json
PEP 8 scan_inventory

| Name | Type | Data type | Description |
| :--- | :--- | :--- | :--- |
| body | body | dictionary | Full body payload in JSON format. |
| agent_uuid | body | string | Agent UUID. |
| agent_version | body | string | Agent version. |
| agent_version_hash | body | string | Agent version hash. |
| cluster_id | body | string | Cluster ID. |
| cluster_name | body | string | Cluster Name. |
| container_id | body | string | Container ID. |
| ephemeral_scan | body | boolean | Flag indicating if this is an ephemeral scan. |
| helm_version | body | string | Helm version used. |
| high_entropy_strings | body | array | List of high entropy string dictionaries. |
| host_ip | body | string | Host IP address. |
| host_name | body | string | Host name. |
| inventory | body | dictionary | Complete inventory detail as a dictionary. |
| original_image_name | body | string | Name of the original image. |
| pod_id | body | string | Pod ID. |
| pod_name | body | string | Pod name. |
| pod_namespace | body | string | Pod namespace. |
| runmode | body | string | Run mode. |
| runtime_type | body | string | Type of runtime used. |
| scan_request | body | dictionary | Requested scan in dictionary format. |

```python
from falconpy import FalconContainer
falcon = FalconContainer(client_id=CLIENT_ID,
                         client_secret=CLIENT_SECRET
                         )
high_entropy_strings = [
    {
        "layer_hash": "string",
        "layer_index": integer,
        "path": "string",
        "strings": [
            {
                "hash": "string",
                "line": integer,
                "name": "string",
                "regex_name": "string",
                "string": "string"
            }
        ]
    }
]
inventory = {
    "application_packages": [
        {
            "libraries": ["string"],
            "type": integer
        }
    ],
    "config": {
        "architecture": "string",
        "author": "string",
        "config": {},
        "created": "string",
        "history": ["string"],
        "os": "string",
        "os.features": ["string"],
        "os.version": "string",
        "rootfs": {},
        "variant": "string"
    },
    "config_info": {
        "cmd": ["string"],
        "entrypoint": ["string"],
        "env": ["string"],
        "exposed_ports": {},
        "labels": {},
        "stop_signal": "string",
        "user": "string",
        "volumes": {},
        "working_dir": "string"
    },
    "elfbinaries": [
        {
            "details": {},
            "hash": "string",
            "layer_hash": "string",
            "layer_index": integer,
            "malicious": boolean,
            "path": "string",
            "permissions": "string",
            "size": integer
        }
    ],
    "image_info": {
        "architecture": "string",
        "created_at": "string",
        "digest": "string",
        "id": "string",
        "index_digest": "string",
        "registry": "string",
        "repository": "string",
        "size": integer,
        "tag": "string",
        "config_s3_key": "string",
        "manifest_s3_key": "string",
        "scan_request_s3_key": "string",
        "source": "string"
    },
    "inventory_engine_info": {
        "cwppscanner_version": "string",
        "collected_at": "string",
        "engine_version": "string",
        "malware_metadata": {}
    },
    "layers": [
        {
            "created_at": "string",
            "created_by": "string",
            "digest": "string",
            "size": integer,
            "layer_inventory_s3_key": "string",
            "layer_reference_key": "string",
            "layer_reference_type": integer,
            "type": integer
        }
    ],
    "mlmodels": [
        {
            "details": {},
            "detection_name": "string",
            "hash": "string",
            "layer_hash": "string",
            "layer_index": integer,
            "malicious": boolean,
            "path": "string",
            "size": integer
        }
    ],
    "manifest": {
        "annotations": {},
        "artifact_type": "string",
        "config": {},
        "layers": ["string"],
        "media_type": "string",
        "schema_version": integer,
        "subject": {}
    },
    "osinfo": {
        "name": "string",
        "version": "string"
    },
    "packages": [
        {
            "layer_hash": "string",
            "layer_index": integer,
            "major_version": "string",
            "package_hash": "string",
            "package_provider": "string",
            "package_source": "string",
            "product": "string",
            "software_architecture": "string",
            "status": "string",
            "vendor": "string"
        }
    ],
    "ai_related": boolean,
    "high_entropy_s3_file_exists": boolean,
    "interesting_strings": [
        {
            "layer_hash": "string",
            "layer_index": integer,
            "path": "string",
            "strings": ["string"]
        }
    ],
    "whiteout_files": ["string"]
}
scan_request = {
    "config": {
        "architecture": "string",
        "author": "string",
        "config": {},
        "created": "string",
        "history": ["string"],
        "os": "string",
        "os.features": ["string"],
        "os.version": "string",
        "rootfs": {},
        "variant": "string"
    },
    "config_info": {
        "cmd": ["string"],
        "entrypoint": ["string"],
        "env": ["string"],
        "exposed_ports": {},
        "labels": {},
        "stop_signal": "string",
        "user": "string",
        "volumes": {},
        "working_dir": "string"
    },
    "image_info": {
        "architecture": "string",
        "created_at": "string",
        "digest": "string",
        "id": "string",
        "index_digest": "string",
        "registry": "string",
        "repository": "string",
        "size": integer,
        "tag": "string",
        "config_s3_key": "string",
        "manifest_s3_key": "string",
        "scan_request_s3_key": "string",
        "source": "string"
    },
    "image_metadata": {
        "image_metadata_config_s3_key": "string",
        "image_metadata_high_entropy_strings_s3_key": "string",
        "image_metadata_image_inventory_s3_key": "string",
        "image_metadata_image_inventory_s3_path": "string",
        "image_metadata_manifest_s3_key": "string",
        "image_metadata_scan_report_s3_key": "string"
    },
    "layers": [
        {
            "created_at": "string",
            "created_by": "string",
            "digest": "string",
            "size": integer,
            "layer_inventory_s3_key": "string",
            "layer_reference_key": "string",
            "layer_reference_type": integer,
            "type": integer
        }
    ],
    "manifest": {
        "annotations": {},
        "artifact_type": "string",
        "config": {},
        "layers": ["string"],
        "media_type": "string",
        "schema_version": integer,
        "subject": {}
    },
    "scan_info": {
        "correlation_uuid": "string",
        "requested_at": "string",
        "scan_uuid": "string",
        "user_uuid": "string",
        "username": "string",
        "cid": "string"
    },
    "high_entropy_strings_s3_key": "string",
    "image_inventory_s3_key": "string",
    "layer_inventory_s3_key": "string",
    "scan_report_s3_key": "string",
    "scan_request_s3_key": "string"
}
response = falcon.scan_inventory(agent_uuid="string",
                                 agent_version="string",
                                 agent_version_hash="string",
                                 cluster_id="string",
                                 cluster_name="string",
                                 container_id="string",
                                 ephemeral_scan=boolean,
                                 helm_version="string",
                                 high_entropy_strings=high_entropy_strings,
                                 host_ip="string",
                                 host_name="string",
                                 inventory=inventory,
                                 original_image_name="string",
                                 pod_id="string",
                                 pod_name="string",
                                 pod_namespace="string",
                                 runmode="string",
                                 runtime_type="string",
                                 scan_request=scan_request)
print(response)
```

Retrieve known vulnerabilities by specifying repository and tag.

POST /image-assessment/combined/vulnerability-lookups/v1
Scope Falcon Container Image: READ Consumes · Produces application/json
PEP 8 read_image_vulnerabilities

| Name | Type | Data type | Description |
| :--- | :--- | :--- | :--- |
| applicationPackages | body | list of dictionaries | List of application packages for the image. |
| body | body | dictionary | Full body payload in JSON format, not required if using other keywords. |
| osversion | body | string | Operating system version for the image to be read. |
| packages | body | list of dictionaries | List of packages to review. |

```python
from falconpy import FalconContainer
falcon = FalconContainer(client_id=CLIENT_ID,
                         client_secret=CLIENT_SECRET
                         )
application_packages = [
    {
        "libraries": [
            {
                "hash": "string",
                "layer_hash": "string",
                "layer_index": integer,
                "license": "string",
                "name": "string",
                "path": "string",
                "version": "string",
                "ai_related": boolean
            }
        ],
        "type": integer
    }
]
packages = [
    {
        "layer_hash": "string",
        "layer_index": integer,
        "major_version": "string",
        "package_hash": "string",
        "package_provider": "string",
        "package_source": "string",
        "product": "string",
        "software_architecture": "string",
        "status": "string",
        "vendor": "string"
    }
]
response = falcon.read_image_vulnerabilities(application_packages=application_packages,
                                             osversion="string",
                                             packages=packages)
print(response)
```

Retrieve registry entities associated with the client ID.

GET /container-security/queries/registries/v1
Scope Falcon Container Image: READ Consumes · Produces application/json
PEP 8 read_registry_entities

| Name | Type | Data type | Description |
| :--- | :--- | :--- | :--- |
| limit | query | integer | Total number of records to return in the response. |
| offset | query | integer | Starting position within the overall recordset to return results. |
| parameters | query | dictionary | Full query string parameters payload in JSON format. |
| sort | query | string | FQL formatted string to use to sort returned results. |

```python
from falconpy import FalconContainer
falcon = FalconContainer(client_id=CLIENT_ID,
                         client_secret=CLIENT_SECRET
                         )
response = falcon.read_registry_entities(limit=integer,
                                         offset=integer,
                                         sort="string")
print(response)
```

Retrieve registry entities associated with a specific UUID.

GET /container-security/entities/registries/v1
Scope Falcon Container Image: READ Consumes · Produces application/json
PEP 8 read_registry_entities_by_uuid

| Name | Type | Data type | Description |
| :--- | :--- | :--- | :--- |
| ids | query | string or list of strings | Registry entity UUIDs to retrieve. |
| parameters | query | dictionary | Full query string parameters payload in JSON format. |

```python
from falconpy import FalconContainer
falcon = FalconContainer(client_id=CLIENT_ID,
                         client_secret=CLIENT_SECRET
                         )
response = falcon.read_registry_entities_by_uuid(ids="string")
print(response)
```

Delete registry entities by UUID.

DELETE /container-security/entities/registries/v1
Scope Falcon Container Image: WRITE Consumes · Produces application/json
PEP 8 delete_registry_entities

| Name | Type | Data type | Description |
| :--- | :--- | :--- | :--- |
| ids | query | string or list of strings | Registry entity UUIDs to delete. |
| parameters | query | dictionary | Full query string parameters payload in JSON format. |

```python
from falconpy import FalconContainer
falcon = FalconContainer(client_id=CLIENT_ID,
                         client_secret=CLIENT_SECRET
                         )
response = falcon.delete_registry_entities(ids="string")
print(response)
```

Create registry entities using the provided detail.

POST /container-security/entities/registries/v1
Scope Falcon Container Image: WRITE Consumes · Produces application/json
PEP 8 create_registry_entities

| Name | Type | Data type | Description |
| :--- | :--- | :--- | :--- |
| aws_iam_role | body (credential) | string | Container registry username (AWS ECR). |
| aws_external_id | body (credential) | string | Container registry password (AWS ECR). |
| body | body | dictionary | Full body payload in JSON format, not required if using other keywords. |
| compartment_ids | body (credential) | list of strings | Compartment IDs (OCR (Oracle)). |
| credential_type | body (credential) | string | Credential type (GitHub, GitLab). |
| domain_url | body (credential) | string | Domain URL (GitHub, GitLab). |
| password | body (credential) | string | Container registry password. |
| project_id | body (credential) | string | Cloud Project ID (GAR, GCR (Google)). |
| scope_name | body (credential) | string | Scope name (GAR, GCR (Google), OCR (Oracle)). |
| service_account_json | body (credential) | dictionary | GAR / GCR credential dictionary. Keys: client_email, client_id, private_key, private_key_id, project_id, type. |
| type | body | string | The type of registry (e.g., acr, artifactory, docker, dockerhub, ecr, gar, gcr, github, gitlab, harbor, icr, nexus, openshift, oracle, quay.io). Required. |
| url | body | string | The URL used to log in to the registry. Required. |
| url_uniqueness_key | body | string | The registry URL alias. |
| user_defined_alias | body | string | A user-friendly name for the registry. |
| username | body (credential) | string | Container registry username. |

| Registry | Type | Required credential values |
| :--- | :--- | :--- |
| Amazon Elastic Container Registry | ecr | aws_iam_role, aws_external_id |
| Docker Hub | dockerhub | password (access token), username |
| Docker Registry v2 | docker | password (API Key), username (account ID) |
| GitHub | github | credential_type, domain_url, password (personal access token), username |
| GitLab Cloud | gitlab | credential_type, domain_url, password (personal access token), username |
| GitLab On-prem | gitlab | credential_type (set to PAT), domain_url, password (personal access token), username |
| Google Artifact Registry | gar | project_id, scope_name, service_account_json |
| Google Container Registry | gcr | project_id, service_account_json |
| IBM Cloud | icr | password, username |
| JFrog Artifactory | artifactory | password (API Key), username (account ID) |
| Microsoft Azure Container Registry | acr | password (API Key), username (account ID) |
| Oracle Container Registry | oracle | compartment_ids, password, scope_name, username (tenancy email) |
| Red Hat OpenShift | openshift | password (API Key), username (account ID) |
| Sonatype Nexus | nexus | password (API Key), username (account ID) |
| Quay.io (Red Hat) | quay.io | password (API Key), username (account ID) |
| VMWare Harbor | harbor | password, username |

```python
from falconpy import FalconContainer
falcon = FalconContainer(client_id=CLIENT_ID,
                         client_secret=CLIENT_SECRET
                         )
credential = {
    "details": {}
}
response = falcon.create_registry_entities(credential=credential,
                                           type="string",
                                           url="string",
                                           url_uniqueness_key="string",
                                           user_defined_alias="string")
print(response)
```
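The required-credential table for CreateRegistryEntities can be enforced before any secret leaves the caller. The following is an added example, not FalconPy code or part of the original page: it checks a credential set against the table, builds the keyword arguments, and produces a copy that is safe to log. The helper names (`check_registry_request`, `build_request`, `redact`), the placement of values under `credential["details"]`, and the set of keys treated as secret are assumptions.

```python
import copy

# Required credential values per registry type, transcribed from the table above.
_USER_PASS = {"username", "password"}
_GIT = _USER_PASS | {"credential_type", "domain_url"}
REQUIRED = {
    "ecr": {"aws_iam_role", "aws_external_id"},
    "gar": {"project_id", "scope_name", "service_account_json"},
    "gcr": {"project_id", "service_account_json"},
    "github": _GIT, "gitlab": _GIT,
    "oracle": _USER_PASS | {"compartment_ids", "scope_name"},
    **{t: _USER_PASS for t in ("acr", "artifactory", "docker", "dockerhub",
                               "harbor", "icr", "nexus", "openshift", "quay.io")},
}
# Keys the parameter table lists for service_account_json.
SA_KEYS = {"client_email", "client_id", "private_key", "private_key_id",
           "project_id", "type"}
# Assumption: these are the values that must never be written to logs.
SECRETS = {"password", "aws_external_id", "service_account_json"}


def check_registry_request(registry_type, url, details):
    """Return a list of problems; an empty list means the request is complete."""
    if registry_type not in REQUIRED:
        return [f"unknown registry type: {registry_type!r}"]
    problems = []
    if not url:
        problems.append("url is required")
    required = REQUIRED[registry_type]
    for key in sorted(required):
        if not details.get(key):
            problems.append(f"missing credential value: {key}")
    # Keys this type does not use: a typo, or a secret sent where it is not needed.
    for key in sorted(set(details) - required):
        problems.append(f"unexpected credential value for {registry_type}: {key}")
    sa = details.get("service_account_json")
    if "service_account_json" in required and isinstance(sa, dict):
        for key in sorted(SA_KEYS - set(sa)):
            problems.append(f"service_account_json lacks key: {key}")
    return problems


def build_request(registry_type, url, details, alias=None):
    """Build keyword arguments in the shape the page's example passes."""
    problems = check_registry_request(registry_type, url, details)
    if problems:
        raise ValueError("; ".join(problems))
    kwargs = {"credential": {"details": dict(details)},
              "type": registry_type, "url": url}
    if alias:
        kwargs["user_defined_alias"] = alias
    return kwargs


def redact(kwargs):
    """Copy of the request that is safe to log: secret values are masked."""
    safe = copy.deepcopy(kwargs)
    for key in SECRETS & set(safe["credential"]["details"]):
        safe["credential"]["details"][key] = "***"
    return safe


# Constructed sample values, not real credentials.
sample = build_request("dockerhub", "https://registry.example.test",
                       {"username": "ci-bot", "password": "not-a-real-token"},
                       alias="ci mirror")
print(redact(sample))
# Usage (not run here): falcon.create_registry_entities(**sample)
```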

Update the registry entity, as identified by the entity UUID, using the provided details.

PATCH /container-security/entities/registries/v1
Scope Falcon Container Image: WRITE Consumes · Produces application/json
PEP 8 update_registry_entities

Same parameters as CreateRegistryEntities plus:

| Name | Type | Data type | Description |
| :--- | :--- | :--- | :--- |
| id | body | string | Container registry record UUID. |
| state | body | string | Container registry state: pause or resume. |

```python
from falconpy import FalconContainer
falcon = FalconContainer(client_id=CLIENT_ID,
                         client_secret=CLIENT_SECRET
                         )
credential = {
    "details": {},
    "type": "string"
}
response = falcon.update_registry_entities(credential=credential,
                                           state="string",
                                           user_defined_alias="string",
                                           id="string")
print(response)
```

Check image prevention policies

GET /image-assessment/entities/policy-checks/v2
Scope Falcon Container Image: WRITE Consumes · Produces application/json
PEP 8 check_prevention_policies

| Name | Type | Data type | Description |
| :--- | :--- | :--- | :--- |
| registry | query | string | Image Registry |
| repository | query | string | Image Repository |
| tag | query | string | Image Tag |
| parameters | query | dictionary | Full query string parameters payload in JSON format |

```python
from falconpy import FalconContainer
falcon = FalconContainer(client_id=CLIENT_ID,
                         client_secret=CLIENT_SECRET
                         )
response = falcon.check_prevention_policies(registry="string",
                                            repository="string",
                                            tag="string")
print(response)
```

Get image assessment scan report by image reference (v2)

GET /image-assessment/entities/reports/v2
Scope Falcon Container Image: READ Consumes · Produces application/json
PEP 8 get_report_by_reference

| Name | Type | Data type | Description |
| :--- | :--- | :--- | :--- |
| registry | query | string | Image Registry |
| repository | query | string | Image Repository |
| tag | query | string | Image Tag |
| image_id | query | string | Image ID |
| digest | query | string | Image digest |
| report_format | query | string | Specify image-assessment scan report format |
| parameters | query | dictionary | Full query string parameters payload in JSON format |

```python
from falconpy import FalconContainer
falcon = FalconContainer(client_id=CLIENT_ID,
                         client_secret=CLIENT_SECRET
                         )
response = falcon.get_report_by_reference(registry="string",
                                          repository="string",
                                          tag="string",
                                          image_id="string",
                                          digest="string",
                                          report_format="string")
print(response)
```

Get image assessment scan report by scan UUID (v2)

GET /image-assessment/entities/reports/v2/{uuid}
Scope Falcon Container Image: READ Consumes · Produces application/json
PEP 8 get_report_by_id

| Name | Type | Data type | Description |
| :--- | :--- | :--- | :--- |
| uuid | path | string | Scan UUID |
| report_format | query | string | Specify image-assessment scan report format |
| parameters | query | dictionary | Full query string parameters payload in JSON format |

```python
from falconpy import FalconContainer
falcon = FalconContainer(client_id=CLIENT_ID,
                         client_secret=CLIENT_SECRET
                         )
response = falcon.get_report_by_id(uuid="string", report_format="string")
print(response)
```