CrowdStrike - Query for Logins
- 02 Apr 2025
- 1 Minute to read
- DarkLight
- PDF
CrowdStrike - Query for Logins
- Updated on 02 Apr 2025
- 1 Minute to read
- DarkLight
- PDF
Article summary
Did you find this summary helpful?
Thank you for your feedback!
CrowdStrike - Query for Logins
Description
CrowdStrike's Query for Logins automation is a powerful tool that allows organizations to quickly and easily query their CrowdStrike Falcon platform for user login information. This automation allows organizations to quickly and easily identify user logins, including the user’s IP address, time of login, and any other relevant information. This automation also provides the ability to filter the results by user, location, or time, allowing organizations to quickly identify any suspicious activity. Additionally, the automation can be used to quickly identify any potential security threats, such as malicious logins or attempts to access sensitive data. With CrowdStrike's Query for Logins automation, organizations can quickly and easily identify any suspicious activity and take action to protect their data.
Trigger Request
HTTP Post Request
Headers:
| Key | Value |
|---|---|
| Content-Type | application/json |
- Json body parameters:
| Parameters | Type | Description |
|---|---|---|
| access_token | string | Access token for the CrowdStrike API. Can be acheived by calling to CrowdStrike_Base_Token flow. |
| filter | string | Please provide the description of this parameter. |
| limit | integer | Please provide the description of this parameter. |
| offset | integer | Please provide the description of this parameter. |
| query | string | Please provide the description of this parameter. |
| sort | string | Please provide the description of this parameter. |
Supported CDC Versions
- 2.8
Was this article helpful?