Public/detects.ps1
|
function Edit-Detection { <# .SYNOPSIS Additional information is available with the -Help parameter .LINK https://github.com/crowdstrike/psfalcon #> [CmdletBinding()] [OutputType()] param() DynamicParam { $Endpoints = @('/detects/entities/detects/v2:patch') return (Get-Dictionary -Endpoints $Endpoints -OutVariable Dynamic) } process { if ($PSBoundParameters.Help) { Get-DynamicHelp -Command $MyInvocation.MyCommand.Name } elseif ($PSBoundParameters.Comment -and (-not($PSBoundParameters.AssignedToUuid -or $PSBoundParameters.ShowInUi -or $PSBoundParameters.Status))) { throw 'AssignedToUuid, ShowInUi or Status are required when using Comment' } else { Invoke-Request -Query $Endpoints[0] -Dynamic $Dynamic } } } function Get-Detection { <# .SYNOPSIS Additional information is available with the -Help parameter .LINK https://github.com/crowdstrike/psfalcon #> [CmdletBinding(DefaultParameterSetName = '/detects/queries/detects/v1:get')] [OutputType()] param() DynamicParam { $Endpoints = @('/detects/queries/detects/v1:get', '/detects/entities/summaries/GET/v1:post') return (Get-Dictionary -Endpoints $Endpoints -OutVariable Dynamic) } process { if ($PSBoundParameters.Help) { Get-DynamicHelp -Command $MyInvocation.MyCommand.Name } else { $Param = @{ Command = $MyInvocation.MyCommand.Name Query = $Endpoints[0] Entity = $Endpoints[1] Dynamic = $Dynamic } switch ($PSBoundParameters.Keys) { 'All' { $Param['All'] = $true } 'Total' { $Param['Total'] = $true } 'Detailed' { $Param['Detailed'] = $true } } Invoke-Request @Param } } } |