CrowdStrike Falcon Discover
  • 30 Oct 2023
  • 2 Minutes to read
  • Dark
    Light
  • PDF

CrowdStrike Falcon Discover

  • Dark
    Light
  • PDF

Article Summary

CrowdStrike Falcon Discover is a network security monitoring tool that provides real-time visibility into devices, users, and applications.

Types of Assets Fetched

This adapter fetches the following types of assets:

  • Devices

Parameters

  1. Host Name or IP Address (required, default api.crowdstrike.com) - The hostname or IP address of the CrowdStrike Falcon Discover server.

  2. Client ID Client Secret (required) - The Client ID and Client Secret. Refer creating credentials for information about how to create the Client ID and Client Secret.

  3. Verify SSL - Select whether to verify the SSL certificate of the server against the CA database inside of Axonius. For more details, see SSL Trust & CA Settings.

  4. HTTPS Proxy (optional) - Connect the adapter to a proxy instead of directly connecting it to the domain.

  5. HTTPS Proxy User Name (optional) - The user name to use when connecting to the value supplied in Host Name or IP Address via the value supplied in HTTPS Proxy.

  6. HTTPS Proxy Password (optional) - The password to use when connecting to the server using the HTTPS Proxy.

To learn more about common adapter connection parameters and buttons, see Adding a New Adapter Connection.

CrowdStrikeDiscover


Advanced Settings

Note:

Advanced settings can either apply for all connections for this adapter, or you can set different advanced settings and/or different scheduling for a specific connection, refer to ​Advanced Configuration for Adapters.

  1. Fetch applications - Select this option to fetch applications (installed software) on each device.
  2. Ingest devices only if type is "managed" - Select this option to only fetch devices whose type is "managed".
  3. Ingest devices only if Product Type exists - Select this option to only ingest devices if the Product Type field exists on the device.
  4. Filter installed software - Toggle on this setting to filter the installed software.
  5. Require software name - Only populate installed software if the software has a name.
  6. Use file name if no software name - If the software does not have a name, use the file name.
  7. Fetch only latest software versions - Enable this option to choose only the device with the latest last-seen timestamp.
  8. Fetch IoT devices - Select this option to fetch the IoT devices from the discover/queries/iot-hosts/v1 endpoint.
Note:

To learn more about Adapter Configuration tab advanced settings, see Adapter Advanced Settings.


APIs

Axonius uses:


Required Permissions

The value supplied in Client ID must have Read permissions in order to fetch assets.

Supported From Version

Supported from Axonius version 4.8



Was this article helpful?

Changing your password will log you out immediately. Use the new password to log back in.
First name must have atleast 2 characters. Numbers and special characters are not allowed.
Last name must have atleast 1 characters. Numbers and special characters are not allowed.
Enter a valid email
Enter a valid password
Your profile has been successfully updated.