CrowdStrike Endpoint Enrichment

Enriches Endpoints with CrowdStrike.

Dependencies

This playbook uses the following sub-playbooks, integrations, and scripts.

Sub-playbooks

This playbook does not use any sub-playbooks.

Integrations

This playbook does not use any integrations.

Scripts

This playbook does not use any scripts.

Commands

  • cs-device-search
  • cs-device-details

Playbook Inputs


NameDescriptionDefault ValueRequired
HostnameThe hostname to enrich.${Endpoint.Hostname}Optional

Playbook Outputs


PathDescriptionType
Endpoint.IDThe unique ID of the endpoint in FalconHost.string
Endpoint.IPAddressThe IP address of the endpoint.string
Endpoint.DomainThe domain of the endpoint.string
Endpoint.MACAddressThe MAC address of the endpoint.string
Endpoint.OSThe OS of the endpoint.string
Endpoint.OSVersionThe OS version of the endpoint.string
Endpoint.BIOSVersionThe BIOS version of the endpoint.string
Endpoint.HostNameThe host of the endpoint.string

Playbook Image


CrowdStrike_Endpoint_Enrichment