Using the Event Streams service collection
This service collection has code examples posted to the repository.
Table of Contents
Operation ID | Description | ||||
---|---|---|---|---|---|
| Refresh an active event stream. Use the URL shown in a listAvailableStreamsOAuth2 response. | ||||
| Discover all event streams in your environment |
Passing credentials
WARNING
client_id
andclient_secret
are keyword arguments that contain your CrowdStrike API credentials. Please note that all examples below do not hard code these values. (These values are ingested as strings.)CrowdStrike does not recommend hard coding API credentials or customer identifiers within source code.
refreshActiveStreamSession
Refresh an active event stream. Use the URL shown in a listAvailableStreamsOAuth2 response.
PEP8 method name
refresh_active_stream
Endpoint
Method | Route |
---|---|
/sensors/entities/datafeed-actions/v1/{} |
Required Scope
Content-Type
- Consumes: application/json
- Produces: application/json
Keyword Arguments
Name | Service | Uber | Type | Data type | Description |
---|---|---|---|---|---|
action_name | query | string | The name of the action to perform. The only allowed value is refresh_active_stream_session . Defaults to this value if not present when using the Service Class. | ||
app_id | query | string | Label that identifies your connection. Max: 32 alphanumeric characters (a-z, A-Z, 0-9). Will also accept the keyword appId to specify this value. | ||
partition | path | integer | Partition to request data for. If you are using the Service Class, this will default to 0 when not specified. | ||
parameters | query | dictionary | Full query string parameters payload in JSON format. |
Usage
Service class example (PEP8 syntax)
from falconpy import EventStreams
# Do not hardcode API credentials!
falcon = EventStreams(client_id=CLIENT_ID,
client_secret=CLIENT_SECRET
)
PARTITION = 0 #Refresh the partition we are working with
response = falcon.refresh_active_stream(action_name="string",
app_id="string",
partition=PARTITION
)
print(response)
Service class example (Operation ID syntax)
from falconpy import EventStreams
# Do not hardcode API credentials!
falcon = EventStreams(client_id=CLIENT_ID,
client_secret=CLIENT_SECRET
)
PARTITION = 0 #Refresh the partition we are working with
response = falcon.refreshActiveStreamSession(action_name="string",
app_id="string",
partition=PARTITION
)
print(response)
Uber class example
from falconpy import APIHarnessV2
# Do not hardcode API credentials!
falcon = APIHarnessV2(client_id=CLIENT_ID,
client_secret=CLIENT_SECRET
)
PARTITION = 0 #Refresh the partition we are working with
response = falcon.command("refreshActiveStreamSession",
app_id="string",
partition=PARTITION,
action_name="string"
)
print(response)
listAvailableStreamsOAuth2
Discover all event streams in your environment
PEP8 method name
list_available_streams
Endpoint
Method | Route |
---|---|
/sensors/entities/datafeed/v2 |
Required Scope
Content-Type
- Consumes: application/json
- Produces: application/json
Keyword Arguments
Name | Service | Uber | Type | Data type | Description |
---|---|---|---|---|---|
app_id | query | string | Label that identifies your connection. Max: 32 alphanumeric characters (a-z, A-Z, 0-9). Will also accept the keyword appId to specify this value. | ||
format | query | string | Format for streaming events. Valid values: json , flatjson | ||
parameters | query | dictionary | Full query string parameters payload in JSON format. |
Usage
Service class example (PEP8 syntax)
from falconpy import EventStreams
# Do not hardcode API credentials!
falcon = EventStreams(client_id=CLIENT_ID,
client_secret=CLIENT_SECRET
)
response = falcon.list_available_streams(app_id="string", format="string")
print(response)
Service class example (Operation ID syntax)
from falconpy import EventStreams
# Do not hardcode API credentials!
falcon = EventStreams(client_id=CLIENT_ID,
client_secret=CLIENT_SECRET
)
response = falcon.listAvailableStreamsOAuth2(app_id="string", format="string")
print(response)
Uber class example
from falconpy import APIHarnessV2
# Do not hardcode API credentials!
falcon = APIHarnessV2(client_id=CLIENT_ID,
client_secret=CLIENT_SECRET
)
response = falcon.command("listAvailableStreamsOAuth2", app_id="string", format="string")
print(response)