The iocDatabaseInfo() GraphQL query returns information on the IOC database used by the LogScale instance.

For more information on IOC (indicator of compromise) database from CrowdStrike, see the IOC Configuration configuration page.

Syntax

Below is the syntax for the iocDatabaseInfo() query field: 

iocDatabaseInfo: CrowdStrikeIocStatus!

Given Datatypes

For the given datatype, CrowdStrikeIocStatus, there are several parameters that may be given. Below is a list of them along with their datatypes and a description of each:

Table: CrowdStrikeIocStatus

ParameterTypeRequired[a]DefaultDescription
databaseTables[IocTableInfo]yes The status of Indicators of Compromise (IOC) database tables (see IocTableInfo Table).

[a] Some arguments may be required, as indicated in this column. For some fields, this column indicates that a result will always be returned for it.