PSFalcon

2.1.9

Public/spotlight-vulnerabilities.ps1

                                function Get-FalconRemediation {

    [CmdletBinding(DefaultParameterSetName = '/spotlight/entities/remediations/v2:get')]

    param(

        [Parameter(ParameterSetName = '/spotlight/entities/remediations/v2:get', Mandatory = $true,

            Position = 1)]

        [ValidatePattern('^\w{32}$')]

        [array] $Ids

    )

    process {

        $Param = @{

            Command  = $MyInvocation.MyCommand.Name

            Endpoint = $PSCmdlet.ParameterSetName

            Inputs   = $PSBoundParameters

            Format   = @{ Query = @('ids') }

        }

        Invoke-Falcon @Param

    }

}

function Get-FalconVulnerability {

    [CmdletBinding(DefaultParameterSetName = '/spotlight/queries/vulnerabilities/v1:get')]

    param(

        [Parameter(ParameterSetName = '/spotlight/entities/vulnerabilities/v2:get', Mandatory = $true,

            Position = 1)]

        [ValidatePattern('^\w{32}_\w{32}$')]

        [array] $Ids,

        [Parameter(ParameterSetName = '/spotlight/queries/vulnerabilities/v1:get', Mandatory = $true,

            Position = 1)]

        [Parameter(ParameterSetName = '/spotlight/combined/vulnerabilities/v1:get', Mandatory = $true,

            Position = 1)]

        [ValidateScript({ Test-FqlStatement $_ })]

        [string] $Filter,

        [Parameter(ParameterSetName = '/spotlight/combined/vulnerabilities/v1:get', Position = 2)]

        [ValidateSet('cve', 'host_info', 'remediation')]

        [array] $Facet,

        [Parameter(ParameterSetName = '/spotlight/queries/vulnerabilities/v1:get', Position = 3)]

        [Parameter(ParameterSetName = '/spotlight/combined/vulnerabilities/v1:get', Position = 3)]

        [ValidateSet('created_timestamp.asc', 'created_timestamp.desc', 'closed_timestamp.asc',

            'closed_timestamp.desc', 'updated_timestamp.asc', 'updated_timestamp.desc')]

        [string] $Sort,

        [Parameter(ParameterSetName = '/spotlight/queries/vulnerabilities/v1:get', Position = 4)]

        [Parameter(ParameterSetName = '/spotlight/combined/vulnerabilities/v1:get', Position = 4)]

        [ValidateRange(1,400)]

        [int] $Limit,

        [Parameter(ParameterSetName = '/spotlight/queries/vulnerabilities/v1:get', Position = 5)]

        [Parameter(ParameterSetName = '/spotlight/combined/vulnerabilities/v1:get', Position = 5)]

        [string] $After,

        [Parameter(ParameterSetName = '/spotlight/combined/vulnerabilities/v1:get', Mandatory = $true)]

        [switch] $Detailed,

        [Parameter(ParameterSetName = '/spotlight/queries/vulnerabilities/v1:get')]

        [Parameter(ParameterSetName = '/spotlight/combined/vulnerabilities/v1:get')]

        [switch] $All,

        [Parameter(ParameterSetName = '/spotlight/queries/vulnerabilities/v1:get')]

        [switch] $Total

    )

    process {

        $Param = @{

            Command  = $MyInvocation.MyCommand.Name

            Endpoint = $PSCmdlet.ParameterSetName

            Inputs   = $PSBoundParameters

            Format   = @{ Query = @('after', 'sort', 'ids', 'filter', 'limit', 'facet') }

        }

        Invoke-Falcon @Param

    }

}