Public/policy.ps1
function Edit-DeviceControlPolicy { <# .SYNOPSIS Additional information is available with the -Help parameter .LINK https://github.com/crowdstrike/psfalcon #> [CmdletBinding()] [OutputType()] param() DynamicParam { $Endpoints = @('/policy/entities/device-control/v1:patch', 'script:EditPolicyArray') return (Get-Dictionary -Endpoints $Endpoints -OutVariable Dynamic) } process { if ($PSBoundParameters.Help) { Get-DynamicHelp -Command $MyInvocation.MyCommand.Name } elseif ($PSBoundParameters.Array) { $Param = Get-Param -Endpoint $Endpoints[0] -Dynamic $Dynamic $Param['Body'] = @{ resources = @( $PSBoundParameters.Array ) } Format-Body -Param $Param Invoke-Endpoint @Param } else { Invoke-Request -Query $Endpoints[0] -Dynamic $Dynamic } } } function Edit-FirewallPolicy { <# .SYNOPSIS Additional information is available with the -Help parameter .LINK https://github.com/crowdstrike/psfalcon #> [CmdletBinding()] [OutputType()] param() DynamicParam { $Endpoints = @('/policy/entities/firewall/v1:patch', 'script:EditPolicyArray') return (Get-Dictionary -Endpoints $Endpoints -OutVariable Dynamic) } process { if ($PSBoundParameters.Help) { Get-DynamicHelp -Command $MyInvocation.MyCommand.Name } elseif ($PSBoundParameters.Array) { $Param = Get-Param -Endpoint $Endpoints[0] -Dynamic $Dynamic $Param['Body'] = @{ resources = @( $PSBoundParameters.Array ) } Format-Body -Param $Param Invoke-Endpoint @Param } else { Invoke-Request -Query $Endpoints[0] -Dynamic $Dynamic } } } function Edit-IOAExclusion { <# .SYNOPSIS Additional information is available with the -Help parameter .LINK https://github.com/crowdstrike/psfalcon #> [CmdletBinding()] [OutputType()] param() DynamicParam { $Endpoints = @('/policy/entities/ioa-exclusions/v1:patch') return (Get-Dictionary -Endpoints $Endpoints -OutVariable Dynamic) } process { if ($PSBoundParameters.Help) { Get-DynamicHelp -Command $MyInvocation.MyCommand.Name } else { Invoke-Request -Query $Endpoints[0] -Dynamic $Dynamic } } } function Edit-MLExclusion { <# .SYNOPSIS Additional information is available with the -Help parameter .LINK https://github.com/crowdstrike/psfalcon #> [CmdletBinding()] [OutputType()] param() DynamicParam { $Endpoints = @('/policy/entities/ml-exclusions/v1:patch') return (Get-Dictionary -Endpoints $Endpoints -OutVariable Dynamic) } process { if ($PSBoundParameters.Help) { Get-DynamicHelp -Command $MyInvocation.MyCommand.Name } else { Invoke-Request -Query $Endpoints[0] -Dynamic $Dynamic } } } function Edit-PreventionPolicy { <# .SYNOPSIS Additional information is available with the -Help parameter .LINK https://github.com/crowdstrike/psfalcon #> [CmdletBinding()] [OutputType()] param() DynamicParam { $Endpoints = @('/policy/entities/prevention/v1:patch', 'script:EditPolicyArray') return (Get-Dictionary -Endpoints $Endpoints -OutVariable Dynamic) } process { if ($PSBoundParameters.Help) { Get-DynamicHelp -Command $MyInvocation.MyCommand.Name } elseif ($PSBoundParameters.Array) { $Param = Get-Param -Endpoint $Endpoints[0] -Dynamic $Dynamic $Param['Body'] = @{ resources = @( $PSBoundParameters.Array ) } Format-Body -Param $Param Invoke-Endpoint @Param } else { Invoke-Request -Query $Endpoints[0] -Dynamic $Dynamic } } } function Edit-ResponsePolicy { <# .SYNOPSIS Additional information is available with the -Help parameter .LINK https://github.com/crowdstrike/psfalcon #> [CmdletBinding()] [OutputType()] param() DynamicParam { $Endpoints = @('/policy/entities/response/v1:patch', 'script:EditPolicyArray') return (Get-Dictionary -Endpoints $Endpoints -OutVariable Dynamic) } process { if ($PSBoundParameters.Help) { Get-DynamicHelp -Command $MyInvocation.MyCommand.Name } elseif ($PSBoundParameters.Array) { $Param = Get-Param -Endpoint $Endpoints[0] -Dynamic $Dynamic $Param['Body'] = @{ resources = @( $PSBoundParameters.Array ) } Format-Body -Param $Param Invoke-Endpoint @Param } else { Invoke-Request -Query $Endpoints[0] -Dynamic $Dynamic } } } function Edit-SensorUpdatePolicy { <# .SYNOPSIS Additional information is available with the -Help parameter .LINK https://github.com/crowdstrike/psfalcon #> [CmdletBinding()] [OutputType()] param() DynamicParam { $Endpoints = @('/policy/entities/sensor-update/v2:patch', 'script:EditPolicyArray') return (Get-Dictionary -Endpoints $Endpoints -OutVariable Dynamic) } process { if ($PSBoundParameters.Help) { Get-DynamicHelp -Command $MyInvocation.MyCommand.Name } elseif ($PSBoundParameters.Array) { $Param = Get-Param -Endpoint $Endpoints[0] -Dynamic $Dynamic $Param['Body'] = @{ resources = @( $PSBoundParameters.Array ) } Format-Body -Param $Param Invoke-Endpoint @Param } else { Invoke-Request -Query $Endpoints[0] -Dynamic $Dynamic } } } function Edit-SVExclusion { <# .SYNOPSIS Additional information is available with the -Help parameter .LINK https://github.com/crowdstrike/psfalcon #> [CmdletBinding()] [OutputType()] param() DynamicParam { $Endpoints = @('/policy/entities/sv-exclusions/v1:patch') return (Get-Dictionary -Endpoints $Endpoints -OutVariable Dynamic) } process { if ($PSBoundParameters.Help) { Get-DynamicHelp -Command $MyInvocation.MyCommand.Name } else { Invoke-Request -Query $Endpoints[0] -Dynamic $Dynamic } } } function Get-Build { <# .SYNOPSIS Additional information is available with the -Help parameter .LINK https://github.com/crowdstrike/psfalcon #> [CmdletBinding()] [OutputType()] param() DynamicParam { $Endpoints = @('/policy/combined/sensor-update-builds/v1:get') return (Get-Dictionary -Endpoints $Endpoints -OutVariable Dynamic) } process { if ($PSBoundParameters.Help) { Get-DynamicHelp -Command $MyInvocation.MyCommand.Name } else { Invoke-Request -Query $Endpoints[0] -Dynamic $Dynamic } } } function Get-DeviceControlPolicy { <# .SYNOPSIS Additional information is available with the -Help parameter .LINK https://github.com/crowdstrike/psfalcon #> [CmdletBinding(DefaultParameterSetName = '/policy/queries/device-control/v1:get')] [OutputType()] param() DynamicParam { $Endpoints = @('/policy/queries/device-control/v1:get', '/policy/entities/device-control/v1:get', '/policy/combined/device-control/v1:get') return (Get-Dictionary -Endpoints $Endpoints -OutVariable Dynamic) } process { if ($PSBoundParameters.Help) { Get-DynamicHelp -Command $MyInvocation.MyCommand.Name -Exclusions @( '/policy/combined/device-control/v1:get') } else { $Param = @{ Command = $MyInvocation.MyCommand.Name Query = $Endpoints[0] Entity = $Endpoints[1] Dynamic = $Dynamic } switch ($PSBoundParameters.Keys) { 'All' { $Param['All'] = $true } 'Total' { $Param['Total'] = $true } 'Detailed' { $Param.Query = $Endpoints[2] } } Invoke-Request @Param } } } function Get-DeviceControlPolicyMember { <# .SYNOPSIS Additional information is available with the -Help parameter .LINK https://github.com/crowdstrike/psfalcon #> [CmdletBinding(DefaultParameterSetName = '/policy/queries/device-control-members/v1:get')] [OutputType()] param() DynamicParam { $Endpoints = @('/policy/queries/device-control-members/v1:get', '/policy/combined/device-control-members/v1:get') return (Get-Dictionary -Endpoints $Endpoints -OutVariable Dynamic) } process { if ($PSBoundParameters.Help) { Get-DynamicHelp -Command $MyInvocation.MyCommand.Name -Exclusions @( '/policy/combined/device-control-members/v1:get') } else { $Param = @{ Command = $MyInvocation.MyCommand.Name Query = $Endpoints[0] Dynamic = $Dynamic } switch ($PSBoundParameters.Keys) { 'All' { $Param['All'] = $true } 'Total' { $Param['Total'] = $true } 'Detailed' { $Param.Query = $Endpoints[1] } } Invoke-Request @Param } } } function Get-FirewallPolicy { <# .SYNOPSIS Additional information is available with the -Help parameter .LINK https://github.com/crowdstrike/psfalcon #> [CmdletBinding(DefaultParameterSetName = '/policy/queries/firewall/v1:get')] [OutputType()] param() DynamicParam { $Endpoints = @('/policy/queries/firewall/v1:get', '/policy/entities/firewall/v1:get', '/policy/combined/firewall/v1:get') return (Get-Dictionary -Endpoints $Endpoints -OutVariable Dynamic) } process { if ($PSBoundParameters.Help) { Get-DynamicHelp -Command $MyInvocation.MyCommand.Name -Exclusions @('/policy/combined/firewall/v1:get') } else { $Param = @{ Command = $MyInvocation.MyCommand.Name Query = $Endpoints[0] Entity = $Endpoints[1] Dynamic = $Dynamic } switch ($PSBoundParameters.Keys) { 'All' { $Param['All'] = $true } 'Total' { $Param['Total'] = $true } 'Detailed' { $Param.Query = $Endpoints[2] } } Invoke-Request @Param } } } function Get-FirewallPolicyMember { <# .SYNOPSIS Additional information is available with the -Help parameter .LINK https://github.com/crowdstrike/psfalcon #> [CmdletBinding(DefaultParameterSetName = '/policy/queries/firewall-members/v1:get')] [OutputType()] param() DynamicParam { $Endpoints = @('/policy/queries/firewall-members/v1:get', '/policy/combined/firewall-members/v1:get') return (Get-Dictionary -Endpoints $Endpoints -OutVariable Dynamic) } process { if ($PSBoundParameters.Help) { Get-DynamicHelp -Command $MyInvocation.MyCommand.Name -Exclusions @( '/policy/combined/firewall-members/v1:get') } else { $Param = @{ Command = $MyInvocation.MyCommand.Name Query = $Endpoints[0] Dynamic = $Dynamic } switch ($PSBoundParameters.Keys) { 'All' { $Param['All'] = $true } 'Total' { $Param['Total'] = $true } 'Detailed' { $Param.Query = $Endpoints[1] } } Invoke-Request @Param } } } function Get-IOAExclusion { <# .SYNOPSIS Additional information is available with the -Help parameter .LINK https://github.com/crowdstrike/psfalcon #> [CmdletBinding(DefaultParameterSetName = '/policy/queries/ioa-exclusions/v1:get')] [OutputType()] param() DynamicParam { $Endpoints = @('/policy/queries/ioa-exclusions/v1:get', '/policy/entities/ioa-exclusions/v1:get') return (Get-Dictionary -Endpoints $Endpoints -OutVariable Dynamic) } process { if ($PSBoundParameters.Help) { Get-DynamicHelp -Command $MyInvocation.MyCommand.Name } else { $Param = @{ Command = $MyInvocation.MyCommand.Name Query = $Endpoints[0] Entity = $Endpoints[1] Dynamic = $Dynamic } switch ($PSBoundParameters.Keys) { 'All' { $Param['All'] = $true } 'Total' { $Param['Total'] = $true } 'Detailed' { $Param['Detailed'] = $true } } Invoke-Request @Param } } } function Get-MLExclusion { <# .SYNOPSIS Additional information is available with the -Help parameter .LINK https://github.com/crowdstrike/psfalcon #> [CmdletBinding(DefaultParameterSetName = '/policy/queries/ml-exclusions/v1:get')] [OutputType()] param() DynamicParam { $Endpoints = @('/policy/queries/ml-exclusions/v1:get', '/policy/entities/ml-exclusions/v1:get') return (Get-Dictionary -Endpoints $Endpoints -OutVariable Dynamic) } process { if ($PSBoundParameters.Help) { Get-DynamicHelp -Command $MyInvocation.MyCommand.Name } else { $Param = @{ Command = $MyInvocation.MyCommand.Name Query = $Endpoints[0] Entity = $Endpoints[1] Dynamic = $Dynamic } switch ($PSBoundParameters.Keys) { 'All' { $Param['All'] = $true } 'Total' { $Param['Total'] = $true } 'Detailed' { $Param['Detailed'] = $true } } Invoke-Request @Param } } } function Get-PreventionPolicy { <# .SYNOPSIS Additional information is available with the -Help parameter .LINK https://github.com/crowdstrike/psfalcon #> [CmdletBinding(DefaultParameterSetName = '/policy/queries/prevention/v1:get')] [OutputType()] param() DynamicParam { $Endpoints = @('/policy/queries/prevention/v1:get', '/policy/entities/prevention/v1:get', '/policy/combined/prevention/v1:get') return (Get-Dictionary -Endpoints $Endpoints -OutVariable Dynamic) } process { if ($PSBoundParameters.Help) { Get-DynamicHelp -Command $MyInvocation.MyCommand.Name -Exclusions @( '/policy/combined/prevention/v1:get') } else { $Param = @{ Command = $MyInvocation.MyCommand.Name Query = $Endpoints[0] Entity = $Endpoints[1] Dynamic = $Dynamic } switch ($PSBoundParameters.Keys) { 'All' { $Param['All'] = $true } 'Total' { $Param['Total'] = $true } 'Detailed' { $Param.Query = $Endpoints[2] } } Invoke-Request @Param } } } function Get-PreventionPolicyMember { <# .SYNOPSIS Additional information is available with the -Help parameter .LINK https://github.com/crowdstrike/psfalcon #> [CmdletBinding(DefaultParameterSetName = '/policy/queries/prevention-members/v1:get')] [OutputType()] param() DynamicParam { $Endpoints = @('/policy/queries/prevention-members/v1:get', '/policy/combined/prevention-members/v1:get') return (Get-Dictionary -Endpoints $Endpoints -OutVariable Dynamic) } process { if ($PSBoundParameters.Help) { Get-DynamicHelp -Command $MyInvocation.MyCommand.Name -Exclusions @( '/policy/combined/prevention-members/v1:get') } else { $Param = @{ Command = $MyInvocation.MyCommand.Name Query = $Endpoints[0] Dynamic = $Dynamic } switch ($PSBoundParameters.Keys) { 'All' { $Param['All'] = $true } 'Total' { $Param['Total'] = $true } 'Detailed' { $Param.Query = $Endpoints[1] } } Invoke-Request @Param } } } function Get-ResponsePolicy { <# .SYNOPSIS Additional information is available with the -Help parameter .LINK https://github.com/crowdstrike/psfalcon #> [CmdletBinding(DefaultParameterSetName = '/policy/queries/response/v1:get')] [OutputType()] param() DynamicParam { $Endpoints = @('/policy/queries/response/v1:get', '/policy/entities/response/v1:get', '/policy/combined/response/v1:get') return (Get-Dictionary -Endpoints $Endpoints -OutVariable Dynamic) } process { if ($PSBoundParameters.Help) { Get-DynamicHelp -Command $MyInvocation.MyCommand.Name -Exclusions @( '/policy/combined/response/v1:get') } else { $Param = @{ Command = $MyInvocation.MyCommand.Name Query = $Endpoints[0] Entity = $Endpoints[1] Dynamic = $Dynamic } switch ($PSBoundParameters.Keys) { 'All' { $Param['All'] = $true } 'Total' { $Param['Total'] = $true } 'Detailed' { $Param.Query = $Endpoints[2] } } Invoke-Request @Param } } } function Get-ResponsePolicyMember { <# .SYNOPSIS Additional information is available with the -Help parameter .LINK https://github.com/crowdstrike/psfalcon #> [CmdletBinding(DefaultParameterSetName = '/policy/queries/response-members/v1:get')] [OutputType()] param() DynamicParam { $Endpoints = @('/policy/queries/response-members/v1:get', '/policy/combined/response-members/v1:get') return (Get-Dictionary -Endpoints $Endpoints -OutVariable Dynamic) } process { if ($PSBoundParameters.Help) { Get-DynamicHelp -Command $MyInvocation.MyCommand.Name -Exclusions @( '/policy/combined/response-members/v1:get') } else { $Param = @{ Command = $MyInvocation.MyCommand.Name Query = $Endpoints[0] Dynamic = $Dynamic } switch ($PSBoundParameters.Keys) { 'All' { $Param['All'] = $true } 'Total' { $Param['Total'] = $true } 'Detailed' { $Param.Query = $Endpoints[1] } } Invoke-Request @Param } } } function Get-SensorUpdatePolicy { <# .SYNOPSIS Additional information is available with the -Help parameter .LINK https://github.com/crowdstrike/psfalcon #> [CmdletBinding(DefaultParameterSetName = '/policy/queries/sensor-update/v1:get')] [OutputType()] param() DynamicParam { $Endpoints = @('/policy/queries/sensor-update/v1:get', '/policy/entities/sensor-update/v2:get', '/policy/combined/sensor-update/v2:get') return (Get-Dictionary -Endpoints $Endpoints -OutVariable Dynamic) } process { if ($PSBoundParameters.Help) { Get-DynamicHelp -Command $MyInvocation.MyCommand.Name -Exclusions @( '/policy/combined/sensor-update/v2:get') } else { $Param = @{ Command = $MyInvocation.MyCommand.Name Query = $Endpoints[0] Entity = $Endpoints[1] Dynamic = $Dynamic } switch ($PSBoundParameters.Keys) { 'All' { $Param['All'] = $true } 'Total' { $Param['Total'] = $true } 'Detailed' { $Param.Query = $Endpoints[2] } } Invoke-Request @Param } } } function Get-SensorUpdatePolicyMember { <# .SYNOPSIS Additional information is available with the -Help parameter .LINK https://github.com/crowdstrike/psfalcon #> [CmdletBinding(DefaultParameterSetName = '/policy/queries/sensor-update-members/v1:get')] [OutputType()] param() DynamicParam { $Endpoints = @('/policy/queries/sensor-update-members/v1:get', '/policy/combined/sensor-update-members/v1:get') return (Get-Dictionary -Endpoints $Endpoints -OutVariable Dynamic) } process { if ($PSBoundParameters.Help) { Get-DynamicHelp -Command $MyInvocation.MyCommand.Name -Exclusions @( '/policy/combined/sensor-update-members/v1:get') } else { $Param = @{ Command = $MyInvocation.MyCommand.Name Query = $Endpoints[0] Dynamic = $Dynamic } switch ($PSBoundParameters.Keys) { 'All' { $Param['All'] = $true } 'Total' { $Param['Total'] = $true } 'Detailed' { $Param.Query = $Endpoints[1] } } Invoke-Request @Param } } } function Get-SVExclusion { <# .SYNOPSIS Additional information is available with the -Help parameter .LINK https://github.com/crowdstrike/psfalcon #> [CmdletBinding(DefaultParameterSetName = '/policy/queries/sv-exclusions/v1:get')] [OutputType()] param() DynamicParam { $Endpoints = @('/policy/queries/sv-exclusions/v1:get', '/policy/entities/sv-exclusions/v1:get') return (Get-Dictionary -Endpoints $Endpoints -OutVariable Dynamic) } process { if ($PSBoundParameters.Help) { Get-DynamicHelp -Command $MyInvocation.MyCommand.Name } else { $Param = @{ Command = $MyInvocation.MyCommand.Name Query = $Endpoints[0] Entity = $Endpoints[1] Dynamic = $Dynamic } switch ($PSBoundParameters.Keys) { 'All' { $Param['All'] = $true } 'Total' { $Param['Total'] = $true } 'Detailed' { $Param['Detailed'] = $true } } Invoke-Request @Param } } } function Get-UninstallToken { <# .SYNOPSIS Additional information is available with the -Help parameter .LINK https://github.com/crowdstrike/psfalcon #> [CmdletBinding()] [OutputType()] param() DynamicParam { $Endpoints = @('/policy/combined/reveal-uninstall-token/v1:post') return (Get-Dictionary -Endpoints $Endpoints -OutVariable Dynamic) } process { if ($PSBoundParameters.Help) { Get-DynamicHelp -Command $MyInvocation.MyCommand.Name } else { Invoke-Request -Query $Endpoints[0] -Dynamic $Dynamic } } } function Invoke-DeviceControlPolicyAction { <# .SYNOPSIS Additional information is available with the -Help parameter .LINK https://github.com/crowdstrike/psfalcon #> [CmdletBinding()] [OutputType()] param() DynamicParam { $Endpoints = @('/policy/entities/device-control-actions/v1:post') return (Get-Dictionary -Endpoints $Endpoints -OutVariable Dynamic) } process { if ($PSBoundParameters.Help) { Get-DynamicHelp -Command $MyInvocation.MyCommand.Name } else { $Param = Get-Param -Endpoint $Endpoints[0] -Dynamic $Dynamic $Param.Body.ids = @( $Param.Body.ids ) if ($Param.Body.action_parameters) { $Param.Body.action_parameters[0].Add('name', 'group_id') } Format-Body -Param $Param Invoke-Endpoint @Param } } } function Invoke-FirewallPolicyAction { <# .SYNOPSIS Additional information is available with the -Help parameter .LINK https://github.com/crowdstrike/psfalcon #> [CmdletBinding()] [OutputType()] param() DynamicParam { $Endpoints = @('/policy/entities/firewall-actions/v1:post') return (Get-Dictionary -Endpoints $Endpoints -OutVariable Dynamic) } process { if ($PSBoundParameters.Help) { Get-DynamicHelp -Command $MyInvocation.MyCommand.Name } else { $Param = Get-Param -Endpoint $Endpoints[0] -Dynamic $Dynamic $Param.Body.ids = @( $Param.Body.ids ) if ($Param.Body.action_parameters) { $Param.Body.action_parameters[0].Add('name', 'group_id') } Format-Body -Param $Param Invoke-Endpoint @Param } } } function Invoke-PreventionPolicyAction { <# .SYNOPSIS Additional information is available with the -Help parameter .LINK https://github.com/crowdstrike/psfalcon #> [CmdletBinding()] [OutputType()] param() DynamicParam { $Endpoints = @('/policy/entities/prevention-actions/v1:post') return (Get-Dictionary -Endpoints $Endpoints -OutVariable Dynamic) } process { if ($PSBoundParameters.Help) { Get-DynamicHelp -Command $MyInvocation.MyCommand.Name } else { $Param = Get-Param -Endpoint $Endpoints[0] -Dynamic $Dynamic $Param.Body.ids = @( $Param.Body.ids ) if ($Param.Body.action_parameters) { $Value = if ($Param.Query -match 'rule-group$') { 'rule_group_id' } else { 'group_id' } $Param.Body.action_parameters[0].Add('name', $Value) } Format-Body -Param $Param Invoke-Endpoint @Param } } } function Invoke-ResponsePolicyAction { <# .SYNOPSIS Additional information is available with the -Help parameter .LINK https://github.com/crowdstrike/psfalcon #> [CmdletBinding()] [OutputType()] param() DynamicParam { $Endpoints = @('/policy/entities/response-actions/v1:post') return (Get-Dictionary -Endpoints $Endpoints -OutVariable Dynamic) } process { if ($PSBoundParameters.Help) { Get-DynamicHelp -Command $MyInvocation.MyCommand.Name } else { $Param = Get-Param -Endpoint $Endpoints[0] -Dynamic $Dynamic $Param.Body.ids = @( $Param.Body.ids ) if ($Param.Body.action_parameters) { $Param.Body.action_parameters[0].Add('name', 'group_id') } Format-Body -Param $Param Invoke-Endpoint @Param } } } function Invoke-SensorUpdatePolicyAction { <# .SYNOPSIS Additional information is available with the -Help parameter .LINK https://github.com/crowdstrike/psfalcon #> [CmdletBinding()] [OutputType()] param() DynamicParam { $Endpoints = @('/policy/entities/sensor-update-actions/v1:post') return (Get-Dictionary -Endpoints $Endpoints -OutVariable Dynamic) } process { if ($PSBoundParameters.Help) { Get-DynamicHelp -Command $MyInvocation.MyCommand.Name } else { $Param = Get-Param -Endpoint $Endpoints[0] -Dynamic $Dynamic $Param.Body.ids = @( $Param.Body.ids ) if ($Param.Body.action_parameters) { $Param.Body.action_parameters[0].Add('name', 'group_id') } Format-Body -Param $Param Invoke-Endpoint @Param } } } function New-DeviceControlPolicy { <# .SYNOPSIS Additional information is available with the -Help parameter .LINK https://github.com/crowdstrike/psfalcon #> [CmdletBinding()] [OutputType()] param() DynamicParam { $Endpoints = @('/policy/entities/device-control/v1:post', 'script:CreatePolicyArray') return (Get-Dictionary -Endpoints $Endpoints -OutVariable Dynamic) } process { if ($PSBoundParameters.Help) { Get-DynamicHelp -Command $MyInvocation.MyCommand.Name } elseif ($PSBoundParameters.Array) { $Param = Get-Param -Endpoint $Endpoints[0] -Dynamic $Dynamic $Param['Body'] = @{ resources = @( $PSBoundParameters.Array ) } Format-Body -Param $Param Invoke-Endpoint @Param } else { Invoke-Request -Query $Endpoints[0] -Dynamic $Dynamic } } } function New-FirewallPolicy { <# .SYNOPSIS Additional information is available with the -Help parameter .LINK https://github.com/crowdstrike/psfalcon #> [CmdletBinding()] [OutputType()] param() DynamicParam { $Endpoints = @('/policy/entities/firewall/v1:post', 'script:CreatePolicyArray') return (Get-Dictionary -Endpoints $Endpoints -OutVariable Dynamic) } process { if ($PSBoundParameters.Help) { Get-DynamicHelp -Command $MyInvocation.MyCommand.Name } elseif ($PSBoundParameters.Array) { $Param = Get-Param -Endpoint $Endpoints[0] -Dynamic $Dynamic $Param['Body'] = @{ resources = @( $PSBoundParameters.Array ) } Format-Body -Param $Param Invoke-Endpoint @Param } else { Invoke-Request -Query $Endpoints[0] -Dynamic $Dynamic } } } function New-IOAExclusion { <# .SYNOPSIS Additional information is available with the -Help parameter .LINK https://github.com/crowdstrike/psfalcon #> [CmdletBinding()] [OutputType()] param() DynamicParam { $Endpoints = @('/policy/entities/ioa-exclusions/v1:post') return (Get-Dictionary -Endpoints $Endpoints -OutVariable Dynamic) } process { if ($PSBoundParameters.Help) { Get-DynamicHelp -Command $MyInvocation.MyCommand.Name } else { $Param = Get-Param -Endpoint $Endpoints[0] -Dynamic $Dynamic $Param.Body.groups = @( $Param.Body.groups ) Format-Body -Param $Param Invoke-Endpoint @Param } } } function New-MLExclusion { <# .SYNOPSIS Additional information is available with the -Help parameter .LINK https://github.com/crowdstrike/psfalcon #> [CmdletBinding()] [OutputType()] param() DynamicParam { $Endpoints = @('/policy/entities/ml-exclusions/v1:post') return (Get-Dictionary -Endpoints $Endpoints -OutVariable Dynamic) } process { if ($PSBoundParameters.Help) { Get-DynamicHelp -Command $MyInvocation.MyCommand.Name } else { $Param = Get-Param -Endpoint $Endpoints[0] -Dynamic $Dynamic $Param.Body.groups = @( $Param.Body.groups ) Format-Body -Param $Param Invoke-Endpoint @Param } } } function New-PreventionPolicy { <# .SYNOPSIS Additional information is available with the -Help parameter .LINK https://github.com/crowdstrike/psfalcon #> [CmdletBinding()] [OutputType()] param() DynamicParam { $Endpoints = @('/policy/entities/prevention/v1:post', 'script:CreatePolicyArray') return (Get-Dictionary -Endpoints $Endpoints -OutVariable Dynamic) } process { if ($PSBoundParameters.Help) { Get-DynamicHelp -Command $MyInvocation.MyCommand.Name } elseif ($PSBoundParameters.Array) { $Param = Get-Param -Endpoint $Endpoints[0] -Dynamic $Dynamic $Param['Body'] = @{ resources = @( $PSBoundParameters.Array ) } Format-Body -Param $Param Invoke-Endpoint @Param } else { Invoke-Request -Query $Endpoints[0] -Dynamic $Dynamic } } } function New-ResponsePolicy { <# .SYNOPSIS Additional information is available with the -Help parameter .LINK https://github.com/crowdstrike/psfalcon #> [CmdletBinding()] [OutputType()] param() DynamicParam { $Endpoints = @('/policy/entities/response/v1:post', 'script:CreatePolicyArray') return (Get-Dictionary -Endpoints $Endpoints -OutVariable Dynamic) } process { if ($PSBoundParameters.Help) { Get-DynamicHelp -Command $MyInvocation.MyCommand.Name } elseif ($PSBoundParameters.Array) { $Param = Get-Param -Endpoint $Endpoints[0] -Dynamic $Dynamic $Param['Body'] = @{ resources = @( $PSBoundParameters.Array ) } Format-Body -Param $Param Invoke-Endpoint @Param } else { Invoke-Request -Query $Endpoints[0] -Dynamic $Dynamic } } } function New-SensorUpdatePolicy { <# .SYNOPSIS Additional information is available with the -Help parameter .LINK https://github.com/crowdstrike/psfalcon #> [CmdletBinding()] [OutputType()] param() DynamicParam { $Endpoints = @('/policy/entities/sensor-update/v2:post', 'script:CreatePolicyArray') return (Get-Dictionary -Endpoints $Endpoints -OutVariable Dynamic) } process { if ($PSBoundParameters.Help) { Get-DynamicHelp -Command $MyInvocation.MyCommand.Name } elseif ($PSBoundParameters.Array) { $Param = Get-Param -Endpoint $Endpoints[0] -Dynamic $Dynamic $Param['Body'] = @{ resources = @( $PSBoundParameters.Array ) } Format-Body -Param $Param Invoke-Endpoint @Param } else { Invoke-Request -Query $Endpoints[0] -Dynamic $Dynamic } } } function New-SVExclusion { <# .SYNOPSIS Additional information is available with the -Help parameter .LINK https://github.com/crowdstrike/psfalcon #> [CmdletBinding()] [OutputType()] param() DynamicParam { $Endpoints = @('/policy/entities/sv-exclusions/v1:post') return (Get-Dictionary -Endpoints $Endpoints -OutVariable Dynamic) } process { if ($PSBoundParameters.Help) { Get-DynamicHelp -Command $MyInvocation.MyCommand.Name } else { $Param = Get-Param -Endpoint $Endpoints[0] -Dynamic $Dynamic $Param.Body.groups = @( $Param.Body.groups ) Format-Body -Param $Param Invoke-Endpoint @Param } } } function Remove-DeviceControlPolicy { <# .SYNOPSIS Additional information is available with the -Help parameter .LINK https://github.com/crowdstrike/psfalcon #> [CmdletBinding()] [OutputType()] param() DynamicParam { $Endpoints = @('/policy/entities/device-control/v1:delete') return (Get-Dictionary -Endpoints $Endpoints -OutVariable Dynamic) } process { if ($PSBoundParameters.Help) { Get-DynamicHelp -Command $MyInvocation.MyCommand.Name } else { Invoke-Request -Query $Endpoints[0] -Dynamic $Dynamic } } } function Remove-FirewallPolicy { <# .SYNOPSIS Additional information is available with the -Help parameter .LINK https://github.com/crowdstrike/psfalcon #> [CmdletBinding()] [OutputType()] param() DynamicParam { $Endpoints = @('/policy/entities/firewall/v1:delete') return (Get-Dictionary -Endpoints $Endpoints -OutVariable Dynamic) } process { if ($PSBoundParameters.Help) { Get-DynamicHelp -Command $MyInvocation.MyCommand.Name } else { Invoke-Request -Query $Endpoints[0] -Dynamic $Dynamic } } } function Remove-IOAExclusion { <# .SYNOPSIS Additional information is available with the -Help parameter .LINK https://github.com/crowdstrike/psfalcon #> [CmdletBinding()] [OutputType()] param() DynamicParam { $Endpoints = @('/policy/entities/ioa-exclusions/v1:delete') return (Get-Dictionary -Endpoints $Endpoints -OutVariable Dynamic) } process { if ($PSBoundParameters.Help) { Get-DynamicHelp -Command $MyInvocation.MyCommand.Name } else { Invoke-Request -Query $Endpoints[0] -Dynamic $Dynamic } } } function Remove-MLExclusion { <# .SYNOPSIS Additional information is available with the -Help parameter .LINK https://github.com/crowdstrike/psfalcon #> [CmdletBinding()] [OutputType()] param() DynamicParam { $Endpoints = @('/policy/entities/ml-exclusions/v1:delete') return (Get-Dictionary -Endpoints $Endpoints -OutVariable Dynamic) } process { if ($PSBoundParameters.Help) { Get-DynamicHelp -Command $MyInvocation.MyCommand.Name } else { Invoke-Request -Query $Endpoints[0] -Dynamic $Dynamic } } } function Remove-PreventionPolicy { <# .SYNOPSIS Additional information is available with the -Help parameter .LINK https://github.com/crowdstrike/psfalcon #> [CmdletBinding()] [OutputType()] param() DynamicParam { $Endpoints = @('/policy/entities/prevention/v1:delete') return (Get-Dictionary -Endpoints $Endpoints -OutVariable Dynamic) } process { if ($PSBoundParameters.Help) { Get-DynamicHelp -Command $MyInvocation.MyCommand.Name } else { Invoke-Request -Query $Endpoints[0] -Dynamic $Dynamic } } } function Remove-ResponsePolicy { <# .SYNOPSIS Additional information is available with the -Help parameter .LINK https://github.com/crowdstrike/psfalcon #> [CmdletBinding()] [OutputType()] param() DynamicParam { $Endpoints = @('/policy/entities/response/v1:delete') return (Get-Dictionary -Endpoints $Endpoints -OutVariable Dynamic) } process { if ($PSBoundParameters.Help) { Get-DynamicHelp -Command $MyInvocation.MyCommand.Name } else { Invoke-Request -Query $Endpoints[0] -Dynamic $Dynamic } } } function Remove-SensorUpdatePolicy { <# .SYNOPSIS Additional information is available with the -Help parameter .LINK https://github.com/crowdstrike/psfalcon #> [CmdletBinding()] [OutputType()] param() DynamicParam { $Endpoints = @('/policy/entities/sensor-update/v1:delete') return (Get-Dictionary -Endpoints $Endpoints -OutVariable Dynamic) } process { if ($PSBoundParameters.Help) { Get-DynamicHelp -Command $MyInvocation.MyCommand.Name } else { Invoke-Request -Query $Endpoints[0] -Dynamic $Dynamic } } } function Remove-SVExclusion { <# .SYNOPSIS Additional information is available with the -Help parameter .LINK https://github.com/crowdstrike/psfalcon #> [CmdletBinding()] [OutputType()] param() DynamicParam { $Endpoints = @('/policy/entities/sv-exclusions/v1:delete') return (Get-Dictionary -Endpoints $Endpoints -OutVariable Dynamic) } process { if ($PSBoundParameters.Help) { Get-DynamicHelp -Command $MyInvocation.MyCommand.Name } else { Invoke-Request -Query $Endpoints[0] -Dynamic $Dynamic } } } function Set-DeviceControlPrecedence { <# .SYNOPSIS Additional information is available with the -Help parameter .LINK https://github.com/crowdstrike/psfalcon #> [CmdletBinding()] [OutputType()] param() DynamicParam { $Endpoints = @('/policy/entities/device-control-precedence/v1:post') return (Get-Dictionary -Endpoints $Endpoints -OutVariable Dynamic) } process { if ($PSBoundParameters.Help) { Get-DynamicHelp -Command $MyInvocation.MyCommand.Name } else { Invoke-Request -Query $Endpoints[0] -Dynamic $Dynamic } } } function Set-FirewallPrecedence { <# .SYNOPSIS Additional information is available with the -Help parameter .LINK https://github.com/crowdstrike/psfalcon #> [CmdletBinding()] [OutputType()] param() DynamicParam { $Endpoints = @('/policy/entities/firewall-precedence/v1:post') return (Get-Dictionary -Endpoints $Endpoints -OutVariable Dynamic) } process { if ($PSBoundParameters.Help) { Get-DynamicHelp -Command $MyInvocation.MyCommand.Name } else { Invoke-Request -Query $Endpoints[0] -Dynamic $Dynamic } } } function Set-PreventionPrecedence { <# .SYNOPSIS Additional information is available with the -Help parameter .LINK https://github.com/crowdstrike/psfalcon #> [CmdletBinding()] [OutputType()] param() DynamicParam { $Endpoints = @('/policy/entities/prevention-precedence/v1:post') return (Get-Dictionary -Endpoints $Endpoints -OutVariable Dynamic) } process { if ($PSBoundParameters.Help) { Get-DynamicHelp -Command $MyInvocation.MyCommand.Name } else { Invoke-Request -Query $Endpoints[0] -Dynamic $Dynamic } } } function Set-ResponsePrecedence { <# .SYNOPSIS Additional information is available with the -Help parameter .LINK https://github.com/crowdstrike/psfalcon #> [CmdletBinding()] [OutputType()] param() DynamicParam { $Endpoints = @('/policy/entities/response-precedence/v1:post') return (Get-Dictionary -Endpoints $Endpoints -OutVariable Dynamic) } process { if ($PSBoundParameters.Help) { Get-DynamicHelp -Command $MyInvocation.MyCommand.Name } else { Invoke-Request -Query $Endpoints[0] -Dynamic $Dynamic } } } function Set-SensorUpdatePrecedence { <# .SYNOPSIS Additional information is available with the -Help parameter .LINK https://github.com/crowdstrike/psfalcon #> [CmdletBinding()] [OutputType()] param() DynamicParam { $Endpoints = @('/policy/entities/sensor-update-precedence/v1:post') return (Get-Dictionary -Endpoints $Endpoints -OutVariable Dynamic) } process { if ($PSBoundParameters.Help) { Get-DynamicHelp -Command $MyInvocation.MyCommand.Name } else { Invoke-Request -Query $Endpoints[0] -Dynamic $Dynamic } } } |