Release 2.1.4 · CrowdStrike/psfalcon

New Commands

General Changes

Command Changes

Updated the 'Sort' values for the following commands:
'Get-FalconCidGroup', 'Get-FalconCidGroupMember', 'Get-FalconGroupRole', 'Get-FalconIoaGroup',
'Get-FalconIoaRole', 'Get-FalconIoc', 'Get-FalconMemberCid', 'Get-FalconScheduledReport',
'Get-FalconQuarantine', 'Get-FalconUserGroup', 'Get-FalconUserGroupMember'.
Updated the 'Limit' values for the following commands:
'Get-FalconBehavior', 'Get-FalconIncident'.
Updated the following commands to generate an error when the 'Path' parameter is given a directory:
'Edit-FalconScript', 'Send-FalconPutFile', 'Send-FalconSample', 'Send-FalconScript'.
Add-FalconHostTag
Renamed to 'Add-FalconGroupingTag' to clarify purpose and prevent confusion with 'Add-FalconSensorTag'.
Get-FalconHost
Added list of accepted 'Sort' values based on related 'Filter' values accepted by 'devices-scroll' API.
Invoke-FalconDeploy
Added check for OS version and 'cd_temp' step to change to a default temporary directory (\Windows\Temp or
/tmp) before the 'put' and 'run' commands.
Invoke-FalconRtr
Suppressed output of session init 'stdout' value so it doesn't display when the following command results in
an error.
Remove-FalconHostTag
Renamed to 'Remove-FalconGroupingTag' to clarify purpose and prevent confusion with 'Remove-FalconSensorTag'.
Request-FalconToken
Added 'Authorization token request failed' message when token request fails to ensure that an error is
produced when an HTTP 403 response is suppressed from the oauth2 API.

GitHub Issues

Issue #79: Fixed bug with 'Invoke-FalconRtr' using the 'get' command that prevented completion of 'get'
requests and output of 'batch_get_cmd_req_id' value.
Issue #82: Fixed typo causing relative 'Last X days/hours' value to not be properly calculated.
Issue #84: Added break to abort requests when missing authorization token.
Issue #85: Modified 'Update-FieldName' to ensure evaluation of [boolean] parameters.

Provide feedback