CrowdStrikeUrlParse

Parses a CrowdStrike alert URL and pull out the agent ID. This is useful when passing it to the cs-device-details command to return a device's details. This script will also return the detection ID for the specific alert. This is used for modifying the state of the alert for CrowdStrike.

Script Data


NameDescription
Script Typepython
Tagscrowdstrike

Inputs


Argument NameDescription
urlThe URL to parse.

Outputs


PathDescriptionType
CrowdStrikeUrlParse.AgentIdThe agent ID for the CrowdStrike host.Unknown
CrowdStrikeUrlParse.DetectIdThe detection ID for the CrowdStrike alert.Unknown