search

Falcon CrowdStrike Discover

hashtag
Connection Requirements

1

hashtag
Domain

The domain of the CrowdStrike.

circle-info

🔵 Default: https://api.crowdstrike.com

circle-exclamation

⚠️ Warning The domain may change depending on the region where the server is located. You can find the domain information where you created the Client ID and Client Secret information.

2

hashtag
Client ID

Generated Client ID for a user that has the permissions to fetch asset details.

3

hashtag
Client Secret

Generated Client Secret Key for a user that has the permissions to fetch asset details.

circle-info

🔵 You can follow the steps below. To define a CrowdStrike API client, you must be assigned the Falcon Administrator role to view, create, or modify API clients or keys. Secrets are only shown when a new API Client is created or reset.

  • When logged into the Falcon UI, navigate to Support > API Clients and Keys.

  • From there you can view existing clients, add new API clients, or view the audit log.

  • When you click “Add new API Client” you will be prompted to give a descriptive name and select the appropriate API scopes. For Discover the following read permissions are required: Identity Protection Assessment, Identity Protection Detections, Identity Protection Enforcement, Identity Protection Entities, Identity Protection Timeline.

  • After you click save, you will be presented with the Client ID and Client Secret. The secret will only be shown once and must be saved somewhere.

circle-info

🔵 Note The secret will only be shown once and must be saved somewhere.

4

hashtag
SSL

Use SSL for connection (optional, default: Encrypted).

5

hashtag
Timeout

Timeout for return API call (default: 30)

6

hashtag
Fetch Installed Software

Choose if you'd like to fetch installed software information (default: True)

circle-exclamation

⚠️ Attention Please perform a connection test to ensure there is a valid connection to the host. When the discovery operation is finalized, you will be able to see the details on the Assets page.

PreviousFalcon CrowdStrike EASMNextFalcon CrowdStrike Spotlight

Was this helpful?