Skip to main content

CrowdStrikeUrlParse

This Script is part of the FalconHost Pack.#

Parses a CrowdStrike alert URL and pull out the agent ID. This is useful when passing it to the cs-device-details command to return a device's details. This script will also return the detection ID for the specific alert. This is used for modifying the state of the alert for CrowdStrike.

Script Data#


NameDescription
Script Typepython
Tagscrowdstrike

Inputs#


Argument NameDescription
urlThe URL to parse.

Outputs#


PathDescriptionType
CrowdStrikeUrlParse.AgentIdThe agent ID for the CrowdStrike host.Unknown
CrowdStrikeUrlParse.DetectIdThe detection ID for the CrowdStrike alert.Unknown