Using the Host Group service collection
Table of Contents
| Operation ID | Description | ||||
|---|---|---|---|---|---|
| Search for members of a Host Group in your environment by providing a FQL filter and paging details. Returns a set of host details which match the filter criteria | ||||
| Search for Host Groups in your environment by providing a FQL filter and paging details. Returns a set of Host Groups which match the filter criteria | ||||
| Perform the specified action on the Host Groups specified in the request | ||||
| Retrieve a set of Host Groups by specifying their IDs | ||||
| Create Host Groups by specifying details about the group to create | ||||
| Delete a set of Host Groups by specifying their IDs | ||||
| Update Host Groups by specifying the ID of the group and details to update | ||||
| Search for members of a Host Group in your environment by providing a FQL filter and paging details. Returns a set of Agent IDs which match the filter criteria | ||||
| Search for Host Groups in your environment by providing a FQL filter and paging details. Returns a set of Host Group IDs which match the filter criteria | ||||
Passing credentials
WARNING
client_idandclient_secretare keyword arguments that contain your CrowdStrike API credentials. Please note that all examples below do not hard code these values. (These values are ingested as strings.)CrowdStrike does not recommend hard coding API credentials or customer identifiers within source code.
queryCombinedGroupMembers
Search for members of a Host Group in your environment by providing a FQL filter and paging details. Returns a set of host details which match the filter criteria
PEP8 method name
query_combined_group_members
Endpoint
| Method | Route |
|---|---|
 | /devices/combined/host-group-members/v1 |
Content-Type
- Produces: application/json
Keyword Arguments
| Name | Service | Uber | Type | Data type | Description |
|---|---|---|---|---|---|
| filter |  | | query | string | FQL query expression that should be used to limit the results. |
| limit | | | query | integer | Maximum number of records to return. Max: 5000. |
| offset | | | query | string | Starting index of overall result set from which to return ids. |
| id | | | query | string | The ID of the Host Group to search for members of. |
| sort | | | query | string | The property to sort by. |
| parameters | | | query | dictionary | Full query string parameters payload in JSON format. |
Usage
Service class example (PEP8 syntax)
from falconpy import HostGroup
# Do not hardcode API credentials!
falcon = HostGroup(client_id=CLIENT_ID,
client_secret=CLIENT_SECRET
)
response = falcon.query_combined_group_members(id="string",
filter="string",
offset=integer,
limit=integer,
sort="string"
)
print(response)
Service class example (Operation ID syntax)
from falconpy import HostGroup
# Do not hardcode API credentials!
falcon = HostGroup(client_id=CLIENT_ID,
client_secret=CLIENT_SECRET
)
response = falcon.queryCombinedGroupMembers(id="string",
filter="string",
offset=integer,
limit=integer,
sort="string"
)
print(response)
Uber class example
from falconpy import APIHarnessV2
# Do not hardcode API credentials!
falcon = APIHarnessV2(client_id=CLIENT_ID,
client_secret=CLIENT_SECRET
)
response = falcon.command("queryCombinedGroupMembers",
id="string",
filter="string",
offset=integer,
limit=integer,
sort="string"
)
print(response)
queryCombinedHostGroups
Search for Host Groups in your environment by providing a FQL filter and paging details. Returns a set of Host Groups which match the filter criteria
PEP8 method name
query_combined_host_groups
Endpoint
| Method | Route |
|---|---|
| /devices/combined/host-groups/v1 |
Content-Type
- Produces: application/json
Keyword Arguments
| Name | Service | Uber | Type | Data type | Description |
|---|---|---|---|---|---|
| filter | | | query | string | FQL query expression that should be used to limit the results. |
| limit | | | query | integer | Maximum number of records to return. Max: 5000. |
| offset | | | query | string | Starting index of overall result set from which to return ids. |
| sort | | | query | string | The property to sort by. |
| parameters | | | query | dictionary | Full query string parameters payload in JSON format. |
Usage
Service class example (PEP8 syntax)
from falconpy import HostGroup
# Do not hardcode API credentials!
falcon = HostGroup(client_id=CLIENT_ID,
client_secret=CLIENT_SECRET
)
response = falcon.query_combined_host_groups(filter="string",
offset=integer,
limit=integer,
sort="string"
)
print(response)
Service class example (Operation ID syntax)
from falconpy import HostGroup
# Do not hardcode API credentials!
falcon = HostGroup(client_id=CLIENT_ID,
client_secret=CLIENT_SECRET
)
response = falcon.queryCombinedHostGroups(filter="string",
offset=integer,
limit=integer,
sort="string"
)
print(response)
Uber class example
from falconpy import APIHarnessV2
# Do not hardcode API credentials!
falcon = APIHarnessV2(client_id=CLIENT_ID,
client_secret=CLIENT_SECRET
)
response = falcon.command("queryCombinedHostGroups",
filter="string",
offset=integer,
limit=integer,
sort="string"
)
print(response)
performGroupAction
Perform the specified action on the Host Groups specified in the request
PEP8 method name
perform_group_action
Endpoint
| Method | Route |
|---|---|
 | /devices/entities/host-group-actions/v1 |
Content-Type
- Produces: application/json
Keyword Arguments
| Name | Service | Uber | Type | Data type | Description |
|---|---|---|---|---|---|
| action_name | | | query | string | The action to be performed. Allowed values:add-hostsdisable-hostname-checkremove-hosts |
| action_parameters | |  | body | list of dictionaries | Action specific parameters. Multiple action parameters may be specified. Example:
"name": "filter", "value": "(device_id:['ID1', 'ID2','ID3'])" }] |
| body | |  | body | dictionary | Full body payload in JSON format. |
| filter | | | body action_parameters | string | Filter to use to specify hosts to apply this action to. FQL formatted string. Overridden if action_parameters is specified. |
| ids | | | body | string or list of strings | The ID(s) of the Host Group to perform the action against. |
| parameters | | | query | dictionary | Full query string parameters payload in JSON format. |
Usage
Service class example (PEP8 syntax)
from falconpy import HostGroup
# Do not hardcode API credentials!
falcon = HostGroup(client_id=CLIENT_ID,
client_secret=CLIENT_SECRET
)
response = falcon.perform_group_action(action_name="string",
ids="ID_TO_UPDATE",
filter="string"
)
print(response)
Service class example (Operation ID syntax)
from falconpy import HostGroup
# Do not hardcode API credentials!
falcon = HostGroup(client_id=CLIENT_ID,
client_secret=CLIENT_SECRET
)
# Can also be provided using the keyword `filter`
act_params = [{
"name": "filter",
"value": "string"
}]
response = falcon.performGroupAction(action_name="string",
ids="ID_TO_UPDATE",
action_parameters=act_params
)
print(response)
Uber class example
from falconpy import APIHarnessV2
# Do not hardcode API credentials!
falcon = APIHarnessV2(client_id=CLIENT_ID,
client_secret=CLIENT_SECRET
)
PARAMS = {
"action_name": "string" # Can also pass this using the action_name keyword
}
# Only one ID may be updated at a time
BODY = {
"action_parameters": [
{
"name": "filter",
"value": "string"
}
],
"ids": ["ID_TO_UPDATE"]
}
response = falcon.command("performGroupAction", parameters=PARAMS, body=BODY)
print(response)
getHostGroups
Retrieve a set of Host Groups by specifying their IDs
PEP8 method name
get_host_groups
Endpoint
| Method | Route |
|---|---|
| /devices/entities/host-groups/v1 |
Content-Type
- Produces: application/json
Keyword Arguments
| Name | Service | Uber | Type | Data type | Description |
|---|---|---|---|---|---|
| ids | | | query | string or list of strings | The ID(s) of the Host Groups to retrieve. |
| parameters | | | query | dictionary | Full query string parameters payload in JSON format. |
Usage
Service class example (PEP8 syntax)
from falconpy import HostGroup
# Do not hardcode API credentials!
falcon = HostGroup(client_id=CLIENT_ID,
client_secret=CLIENT_SECRET
)
id_list = 'ID1,ID2,ID3' # Can also pass a list here: ['ID1', 'ID2', 'ID3']
response = falcon.get_host_groups(ids=id_list)
print(response)
Service class example (Operation ID syntax)
from falconpy import HostGroup
# Do not hardcode API credentials!
falcon = HostGroup(client_id=CLIENT_ID,
client_secret=CLIENT_SECRET
)
id_list = 'ID1,ID2,ID3' # Can also pass a list here: ['ID1', 'ID2', 'ID3']
response = falcon.getHostGroups(ids=id_list)
print(response)
Uber class example
from falconpy import APIHarnessV2
# Do not hardcode API credentials!
falcon = APIHarnessV2(client_id=CLIENT_ID,
client_secret=CLIENT_SECRET
)
id_list = 'ID1,ID2,ID3' # Can also pass a list here: ['ID1', 'ID2', 'ID3']
response = falcon.command("getHostGroups", ids=id_list)
print(response)
createHostGroups
Create Host Groups by specifying details about the group to create
PEP8 method name
create_host_groups
Endpoint
| Method | Route |
|---|---|
| /devices/entities/host-groups/v1 |
Content-Type
- Produces: application/json
Keyword Arguments
| Name | Service | Uber | Type | Data type | Description |
|---|---|---|---|---|---|
| assignment_rule | | | body | string | Assignment rule to apply. |
| body | | | body | dictionary | Full body payload in JSON format. |
| description | | | body | string | Description for the host group. |
| group_type | | | body | string | Type of Host Group to create. Allowed Values: dynamicstaticstaticByID |
| name | | | body | string | The name of the Host Group. |
Usage
Service class example (PEP8 syntax)
from falconpy import HostGroup
# Do not hardcode API credentials!
falcon = HostGroup(client_id=CLIENT_ID,
client_secret=CLIENT_SECRET
)
response = falcon.create_host_groups(assignment_rule="string",
description="string",
group_type="string",
name="string"
)
print(response)
Service class example (Operation ID syntax)
from falconpy import HostGroup
# Do not hardcode API credentials!
falcon = HostGroup(client_id=CLIENT_ID,
client_secret=CLIENT_SECRET
)
response = falcon.createHostGroups(assignment_rule="string",
description="string",
group_type="string",
name="string"
)
print(response)
Uber class example
from falconpy import APIHarnessV2
# Do not hardcode API credentials!
falcon = APIHarnessV2(client_id=CLIENT_ID,
client_secret=CLIENT_SECRET
)
BODY = {
"resources": [
{
"assignment_rule": "string",
"description": "string",
"group_type": "static",
"name": "string"
}
]
}
response = falcon.command("createHostGroups", body=BODY)
print(response)
deleteHostGroups
Delete a set of Host Groups by specifying their IDs
PEP8 method name
delete_host_groups
Endpoint
| Method | Route |
|---|---|
 | /devices/entities/host-groups/v1 |
Content-Type
- Produces: application/json
Keyword Arguments
| Name | Service | Uber | Type | Data type | Description |
|---|---|---|---|---|---|
| ids | | | query | string or list of strings | The ID(s) of the Host Groups to delete. |
| parameters | | | query | dictionary | Full query string parameters payload in JSON format. |
Usage
Service class example (PEP8 syntax)
from falconpy import HostGroup
# Do not hardcode API credentials!
falcon = HostGroup(client_id=CLIENT_ID,
client_secret=CLIENT_SECRET
)
id_list = 'ID1,ID2,ID3' # Can also pass a list here: ['ID1', 'ID2', 'ID3']
response = falcon.delete_host_groups(ids=id_list)
print(response)
Service class example (Operation ID syntax)
from falconpy import HostGroup
# Do not hardcode API credentials!
falcon = HostGroup(client_id=CLIENT_ID,
client_secret=CLIENT_SECRET
)
id_list = 'ID1,ID2,ID3' # Can also pass a list here: ['ID1', 'ID2', 'ID3']
response = falcon.deleteHostGroups(ids=id_list)
print(response)
Uber class example
from falconpy import APIHarnessV2
# Do not hardcode API credentials!
falcon = APIHarnessV2(client_id=CLIENT_ID,
client_secret=CLIENT_SECRET
)
id_list = 'ID1,ID2,ID3' # Can also pass a list here: ['ID1', 'ID2', 'ID3']
response = falcon.command("deleteHostGroups", ids=id_list)
print(response)
updateHostGroups
Update Host Groups by specifying the ID of the group and details to update
PEP8 method name
update_host_groups
Endpoint
| Method | Route |
|---|---|
 | /devices/entities/host-groups/v1 |
Content-Type
- Produces: application/json
Keyword Arguments
| Name | Service | Uber | Type | Data type | Description |
|---|---|---|---|---|---|
| assignment_rule | | | body | string | Assignment rule to apply. |
| body | | | body | dictionary | Full body payload in JSON format. |
| description | | | body | string | Description for the host group. |
| id | | | body | string | The ID of the Host Group to update. |
| name | | | body | string | The name of the Host Group. |
Usage
Service class example (PEP8 syntax)
from falconpy import HostGroup
# Do not hardcode API credentials!
falcon = HostGroup(client_id=CLIENT_ID,
client_secret=CLIENT_SECRET
)
response = falcon.update_host_groups(assignment_rule="string",
description="string",
id="string",
name="string"
)
print(response)
Service class example (Operation ID syntax)
from falconpy import HostGroup
# Do not hardcode API credentials!
falcon = HostGroup(client_id=CLIENT_ID,
client_secret=CLIENT_SECRET
)
response = falcon.updateHostGroups(assignment_rule="string",
description="string",
id="string",
name="string"
)
print(response)
Uber class example
from falconpy import APIHarnessV2
# Do not hardcode API credentials!
falcon = APIHarnessV2(client_id=CLIENT_ID,
client_secret=CLIENT_SECRET
)
BODY = {
"resources": [
{
"assignment_rule": "string",
"description": "string",
"id": "string",
"name": "string"
}
]
}
response = falcon.command("updateHostGroups", body=BODY)
print(response)
queryGroupMembers
Search for members of a Host Group in your environment by providing a FQL filter and paging details. Returns a set of Agent IDs which match the filter criteria
PEP8 method name
query_group_members
Endpoint
| Method | Route |
|---|---|
| /devices/queries/host-group-members/v1 |
Content-Type
- Produces: application/json
Keyword Arguments
| Name | Service | Uber | Type | Data type | Description |
|---|---|---|---|---|---|
| filter | | | query | string | FQL query expression that should be used to limit the results. |
| limit | | | query | integer | Maximum number of records to return. Max: 5000. |
| offset | | | query | string | Starting index of overall result set from which to return ids. |
| id | | | query | string | The ID of the Host Group to search for members of. |
| sort | | | query | string | The property to sort by. |
| parameters | | | query | dictionary | Full query string parameters payload in JSON format. |
Usage
Service class example (PEP8 syntax)
from falconpy import HostGroup
# Do not hardcode API credentials!
falcon = HostGroup(client_id=CLIENT_ID,
client_secret=CLIENT_SECRET
)
response = falcon.query_group_members(id="string",
filter="string",
offset=integer,
limit=integer,
sort="string"
)
print(response)
Service class example (Operation ID syntax)
from falconpy import HostGroup
# Do not hardcode API credentials!
falcon = HostGroup(client_id=CLIENT_ID,
client_secret=CLIENT_SECRET
)
response = falcon.queryGroupMembers(id="string",
filter="string",
offset=integer,
limit=integer,
sort="string"
)
print(response)
Uber class example
from falconpy import APIHarnessV2
# Do not hardcode API credentials!
falcon = APIHarnessV2(client_id=CLIENT_ID,
client_secret=CLIENT_SECRET
)
response = falcon.command("queryGroupMembers",
id="string",
filter="string",
offset=integer,
limit=integer,
sort="string"
)
print(response)
queryHostGroups
Search for Host Groups in your environment by providing a FQL filter and paging details. Returns a set of Host Group IDs which match the filter criteria
PEP8 method name
query_host_groups
Endpoint
| Method | Route |
|---|---|
| /devices/queries/host-groups/v1 |
Content-Type
- Produces: application/json
Keyword Arguments
| Name | Service | Uber | Type | Data type | Description |
|---|---|---|---|---|---|
| filter | | | query | string | FQL query expression that should be used to limit the results. |
| limit | | | query | integer | Maximum number of records to return. Max: 5000. |
| offset | | | query | string | Starting index of overall result set from which to return ids. |
| sort | | | query | string | The property to sort by. |
| parameters | | | query | dictionary | Full query string parameters payload in JSON format. |
Usage
Service class example (PEP8 syntax)
from falconpy import HostGroup
# Do not hardcode API credentials!
falcon = HostGroup(client_id=CLIENT_ID,
client_secret=CLIENT_SECRET
)
response = falcon.query_host_groups(filter="string",
offset=integer,
limit=integer,
sort="string"
)
print(response)
Service class example (Operation ID syntax)
from falconpy import HostGroup
# Do not hardcode API credentials!
falcon = HostGroup(client_id=CLIENT_ID,
client_secret=CLIENT_SECRET
)
response = falcon.queryHostGroups(filter="string",
offset=integer,
limit=integer,
sort="string"
)
print(response)
Uber class example
from falconpy import APIHarnessV2
# Do not hardcode API credentials!
falcon = APIHarnessV2(client_id=CLIENT_ID,
client_secret=CLIENT_SECRET
)
response = falcon.command("queryHostGroups",
filter="string",
offset=integer,
limit=integer,
sort="string"
)
print(response)