Deploying the CrowdStrike Falcon Adapter

Admin User Name - The value you enter in the User Name field in CrowdStrike for the new user you created to allow Axonius to fetch Axonius SaaS Applications data.

Admin Password - The password you set for the new user in CrowdStrike.

2FA Secret Key - The secret generated in CrowdStrike for setting up 2-factor authentication for the CrowdStrike user created for collecting Axonius SaaS Applications data.

Member CID – Enter a CrowdStrike CID to fetch data from all tenants associated with that CID. To fetch data only from the primary tenant, leave this field blank.

Verify SSL – Select whether to verify the SSL certificate of the server against the CA database inside of Axonius. For more details, see SSL Trust & CA Settings.

HTTPS Proxy – Connect the adapter to a proxy instead of directly connecting it to the domain.

Ignore devices that have not been seen by this connection in the last X hours – Select whether to avoid fetching old devices that are no longer part of your network, but that still exist in the present adapter connection.

• When enabled, the adapter fetches only device assets that have been seen by this connection within the specified number of hours (Last Seen field).
  • For example, if set to 2160 hours, any device not seen in the last 90 days will be ignored..
• When disabled, the adapter fetches devices according to the global Ignore devices that have not been seen by this connection in the last X hours option. For more information, see Adapter Advanced Settings.

Threat Graph API User and Threat Graph API Key – Fetch data from the CrowdStrike Threat Graph API.

Notes – Add a note of up to 250 characters for this adapter connection.

Select Gateway – Select the Axonius Gateway to use when connecting adapters whose sources are only accessible by an internal network.
To use this option, you need to set up an Axonius Gateway.