CrowdStrike Falcon Pack.#This Playbook is part of the
Supported Cortex XSOAR versions: 6.5.0 and later.
This playbook is part of the 'Malware Investigation And Response' pack. For more information, refer to https://xsoar.pan.dev/docs/reference/packs/malware-investigation-and-response. This playbook retrieves and unzips files from CrowdStrike Falcon and returns a list of the files that were and were not retrieved.
This playbook uses the following sub-playbooks, integrations, and scripts.
This playbook does not use any sub-playbooks.
|The ID of the host to use.
|The path to retrieve the file from the host.
|Default password to unzip files retrieved by CrowdStrike Falcon.
|The names of the file to retrieve. This is used to validate that all the intended files were retrieved, not to specify which ones will be retrieved.
|A list of file names that were extracted from the ZIP file.
|A list of files that were not retrieved.