CrowdStrike

LogScale offers the following integrations with CrowdStrike:

  • CrowdStrike FLTR Core Package

    Queries, dashboards, and related content for CrowdStrike FLTR. See CrowdStrike Core FLTR Package for more information.

  • CrowdStrike FLTR (Falcon) Identity Protection Package

    Queries and dashboards for Falcon Identity Protection. See CrowdStrike Falcon Identity Protection for more information.

  • CrowdStrike IOC Package

    A quick start package for working with the CrowdStrike IOC feed in LogScale. See CrowdStrike IOC for more information.

  • CrowdStrike Falcon Devices Package

    Provides preconfigured dashboards and a parser for CrowdStrike Falcon Device Data. See the package readme.md file for more information.

  • CrowdStrike FDR Package

    Parser and related content for CrowdStrike Falcon telemetry data. See the package readme.md file for more information.

  • CrowdStrike FLTR LOLbins Package

    Queries based on "8 LOLBins Every Threat Hunter Should Know" by CrowdStrike Falcon OverWatch Elite. See the package readme.md file for more information.

  • CrowdStrike FLTR Tutorial Package

    Dashboard-based tutorial for using FLTR. See the package readme.md file for more information.

  • CrowdStrike Intel Indicators Package

    Provides tools for working with CrowdStrike Intelligence Indicators. See the package readme.md file for more information.

  • CrowdStrike SIEM Connector Package

    A parser and dashboards for data from the CrowdStrike SIEM Connector. See the package readme.md file for more information.

  • CrowdStrike Spotlight Package

    Provides preconfigured dashboards and a parser for CrowdStrike Spotlight Vulnerability Data. See the package readme.md file for more information.

  • CrowdStrike FLTR Firewall Adversaries (Preview) Package

    This library package for Falcon Long Term Repository (FLTR) is designed to help you visualize which adversaries are targeting your firewalls. CrowdStrike FLTR Firewall Adversaries is currently integrated with LogScale through the package CrowdStrike FLTR Firewall Adversaries.