Using the Report Executions service collection
Table of Contents
| Operation ID | Description | ||||
|---|---|---|---|---|---|
| Get report entity download | ||||
| Retry the execution of a report by ID. | ||||
| Retrieve report details for the provided report IDs. | ||||
| Find all report execution IDs matching the query with filter | ||||
Passing credentials
WARNING
client_idandclient_secretare keyword arguments that contain your CrowdStrike API credentials. Please note that all examples below do not hard code these values. (These values are ingested as strings.)CrowdStrike does not recommend hard coding API credentials or customer identifiers within source code.
report_executions_download_get
Get report entity download
PEP8 method name
get_download
Endpoint
| Method | Route |
|---|---|
 | /reports/entities/report-executions-download/v1 |
Required Scope
Content-Type
- Consumes: application/json
- Produces: application/octet-stream
Keyword Arguments
| Name | Service | Uber | Type | Data type | Description |
|---|---|---|---|---|---|
| ids |  | | query | string or list of strings | The report_execution id to download. |
| parameters | | | query | dictionary | Full query string parameters payload in JSON format. |
Usage
Service class example (PEP8 syntax)
from falconpy import ReportExecutions
# Do not hardcode API credentials!
falcon = ReportExecutions(client_id=CLIENT_ID,
client_secret=CLIENT_SECRET
)
id_list = 'ID HERE'
save_file = "some_file.ext"
response = falcon.get_download(ids=id_list)
open(save_file, 'wb').write(response)
Service class example (Operation ID syntax)
from falconpy import ReportExecutions
# Do not hardcode API credentials!
falcon = ReportExecutions(client_id=CLIENT_ID,
client_secret=CLIENT_SECRET
)
id_list = 'ID HERE'
save_file = "some_file.ext"
response = falcon.report_executions_download_get(ids=id_list)
open(save_file, 'wb').write(response)
Uber class example
from falconpy import APIHarnessV2
# Do not hardcode API credentials!
falcon = APIHarnessV2(client_id=CLIENT_ID,
client_secret=CLIENT_SECRET
)
id_list = 'ID HERE'
save_file = "some_file.ext"
response = falcon.command("report_executions_download_get", ids=id_list)
open(save_file, 'wb').write(response)
Back to Table of Contents
report_executions_retry
Retry the execution of a report by ID.
PEP8 method name
retry_reports
Endpoint
| Method | Route |
|---|---|
 | /reports/entities/report-executions-retry/v1 |
Required Scope
Content-Type
- Consumes: application/json
- Produces: application/json
Keyword Arguments
| Name | Service | Uber | Type | Data type | Description |
|---|---|---|---|---|---|
| ids | |  | query | string or list of strings | The report_execution ID(s) to retry execution. |
| body | |  | query | dictionary | Full body payload in JSON format. |
Usage
Service class example (PEP8 syntax)
from falconpy import ReportExecutions
# Do not hardcode API credentials!
falcon = ReportExecutions(client_id=CLIENT_ID,
client_secret=CLIENT_SECRET
)
id_list = 'ID HERE'
response = falcon.retry_reports(ids=id_list)
print(response)
Service class example (Operation ID syntax)
from falconpy import ReportExecutions
# Do not hardcode API credentials!
falcon = ReportExecutions(client_id=CLIENT_ID,
client_secret=CLIENT_SECRET
)
id_list = 'ID HERE'
response = falcon.report_executions_retry(ids=id_list)
print(response)
Uber class example
from falconpy import APIHarnessV2
# Do not hardcode API credentials!
falcon = APIHarnessV2(client_id=CLIENT_ID,
client_secret=CLIENT_SECRET
)
# To send multiple retries, pass a list of dictionaries, each holding one ID
BODY = {
"id": "ID HERE"
}
response = falcon.command("report_executions_retry", body=BODY)
print(response)
Back to Table of Contents
report_executions_get
Retrieve report details for the provided report IDs.
PEP8 method name
get_reports
Endpoint
| Method | Route |
|---|---|
| /reports/entities/report-executions/v1 |
Required Scope
Content-Type
- Consumes: application/json
- Produces: application/json
Keyword Arguments
| Name | Service | Uber | Type | Data type | Description |
|---|---|---|---|---|---|
| ids | | | query | string or list of strings | The report_execution id to get details about. |
| parameters | | | query | dictionary | Full query string parameters payload in JSON format. |
Usage
Service class example (PEP8 syntax)
from falconpy import ReportExecutions
# Do not hardcode API credentials!
falcon = ReportExecutions(client_id=CLIENT_ID,
client_secret=CLIENT_SECRET
)
id_list = 'ID HERE'
response = falcon.get_reports(ids=id_list)
print(response)
Service class example (Operation ID syntax)
from falconpy import ReportExecutions
# Do not hardcode API credentials!
falcon = ReportExecutions(client_id=CLIENT_ID,
client_secret=CLIENT_SECRET
)
id_list = 'ID1 HERE'
response = falcon.report_executions_get(ids=id_list)
print(response)
Uber class example
from falconpy import APIHarnessV2
# Do not hardcode API credentials!
falcon = APIHarnessV2(client_id=CLIENT_ID,
client_secret=CLIENT_SECRET
)
id_list = 'ID1 HERE'
response = falcon.command("report_executions_get", ids=id_list)
print(response)
Back to Table of Contents
report_executions_query
Find all report execution IDs matching the query with filter
PEP8 method name
query_reports
Endpoint
| Method | Route |
|---|---|
| /reports/queries/report-executions/v1 |
Required Scope
Content-Type
- Consumes: application/json
- Produces: application/json
Keyword Arguments
| Name | Service | Uber | Type | Data type | Description |
|---|---|---|---|---|---|
| filter | | | query | string | FQL query specifying the filter parameters. Filter term criteria:
|
| limit | | | query | integer | Number of ids to return. |
| offset | | | query | string | Starting index of overall result set from which to return ids. |
| parameters | | | query | dictionary | Full query string parameters payload in JSON format. |
| q | | | query | string | Match query criteria, which includes all the filter string fields. |
| sort | | | query | string | Possible order by fields:
|
Usage
Service class example (PEP8 syntax)
from falconpy import ReportExecutions
# Do not hardcode API credentials!
falcon = ReportExecutions(client_id=CLIENT_ID,
client_secret=CLIENT_SECRET
)
response = falcon.query_reports(sort="string",
filter="string",
q="string",
offset="string",
limit=integer
)
print(response)
Service class example (Operation ID syntax)
from falconpy import ReportExecutions
# Do not hardcode API credentials!
falcon = ReportExecutions(client_id=CLIENT_ID,
client_secret=CLIENT_SECRET
)
response = falcon.report_executions_query(sort="string",
filter="string",
q="string",
offset="string",
limit=integer
)
print(response)
Uber class example
from falconpy import APIHarnessV2
# Do not hardcode API credentials!
falcon = APIHarnessV2(client_id=CLIENT_ID,
client_secret=CLIENT_SECRET
)
response = falcon.command("report_executions_query",
sort="string",
filter="string",
q="string",
offset="string",
limit=integer
)
print(response)
Back to Table of Contents