Overview
Table name: crowdstrike_devices
CrowdStrike device logs encompass a wide range of data points collected from each endpoint or device within the network. These logs are crucial for monitoring the health and security status of the network, detecting potential threats, and facilitating forensic analysis in the event of a security incident.
Send data to Hunters
Step 1: Connect Hunters to your CrowdStrike portal
-
Log into the CrowdStrike Falcon portal.
-
From the left-side menu, click CrowdStrike Store > All Apps.
-
Look for the Hunters.AI tile and click to open it.
-
Click Try it free.
📘 Note-
Your CrowdStrike API token will be shared with Hunters with the following permissions:
- CrowdStrike Falcon raw data replicator
- CrowdStrike Detections API
-
You will receive an automated email from Hunters confirming this action. This is designed for new prospects who have not yet been introduced to Hunters.
-
-
To retrieve your Customer ID, open the Falcon menu and navigate to Host setup and management > Sensor downloads.
-
Copy your Customer ID and paste it into a safe place.
Step 2: Create a data source on Hunters
- Follow this procedure to connect CrowdStrike as a data source.
- Insert the Customer ID value from the previous section and click Apply.
The Customer ID field is case-sensitive.
Once done, Hunters will connect your CrowdStrike Detections, CrowdStrike Devices, CrowdStrike Incidents, CrowdStrike Falcon Event Streams and CrowdStrike Raw Events to your Hunters platform.