CrowdStrike
LogScale offers the following integrations with CrowdStrike:
CrowdStrike FLTR Core Package
Queries, dashboards, and related content for CrowdStrike FLTR; see CrowdStrike Core FLTR Package for more information.
CrowdStrike FLTR (Falcon) Identity Protection Package
Queries and dashboards for Falcon Identity Protection; see CrowdStrike Falcon Identity Protection for more information.
CrowdStrike IOC Package
A quick start package for working with the CrowdStrike IOC feed in LogScale; see CrowdStrike IOC for more information.
CrowdStrike Falcon Devices Package
Provides preconfigured dashboards and a parser for CrowdStrike Falcon Device Data; see the package readme.md file for more information.
CrowdStrike FDR Package
Parser and related content for CrowdStrike Falcon telemetry data; see the package readme.md file for more information.
CrowdStrike FLTR LOLbins Package
Queries based on "8 LOLBins Every Threat Hunter Should Know" by CrowdStrike Falcon OverWatch Elite; see the package readme.md file for more information.
CrowdStrike FLTR Tutorial Package
Dashboard-based tutorial for using FLTR; see the package readme.md file for more information.
CrowdStrike Intel Indicators Package
Provides tools for working with CrowdStrike Intelligence Indicators; see the package readme.md file for more information.
CrowdStrike SIEM Connector Package
A parser and dashboards for data from the CrowdStrike SIEM Connector; see the package readme.md file for more information.
CrowdStrike Spotlight Package
Provides preconfigured dashboards and a parser for CrowdStrike Spotlight Vulnerability Data; see the package readme.md file for more information.
CrowdStrike FLTR Firewall Adversaries (Preview) Package
This library package for Falcon Long Term Repository (FLTR) is designed to help you visualize which adversaries are targeting your firewalls. CrowdStrike FLTR Firewall Adversaries is currently integrated with LogScale through the package CrowdStrike FLTR Firewall Adversaries.