CrowdStrike Falcon - Update User

CrowdStrike Falcon - Update User updates the first name and last name of a user in CrowdStrike Falcon for:

• Users that match the results of the selected saved query, and match the Enforcement Action Conditions, if defined.

General Settings

• Use stored credentials from CrowdStrike Falcon adapter - Select this option to use CrowdStrike Falcon connected adapter credentials. (add a link to adapter, only write the first when the select adapter is not there)
  • When you select this option, the Select Adapter Connection drop-down is available, and you can choose which adapter connection to use for this Enforcement Action.

📘

Note

To use this option, you must successfully configure a CrowdStrike Falcon adapter connection. Full link to adapter when relevant

Required Fields

These fields must be configured to run the Enforcement Set.

• First Name - The first name of the user.
• Last Name - The last name of the user.

• Compute Node - The Axonius node to use when connecting to the specified host. For more details, see Working with Axonius Compute Nodes.

Additional Fields

These fields are optional.

💡

Connection and Credentials

When Use stored credentials from the adapter is toggled off, some of the connection fields below are required to create the connection, while other fields are optional.

• Gateway Name - Select the Gateway through which to connect to perform the action.

APIs

Axonius uses the CrowdStrike API.

Required Ports

Axonius must be able to communicate via the following ports:

• TCP Port 443

Required Permissions

The account used to access CrowdStrike must have user management write permissions.