https://github.com/crowdstrike/foundry-tutorial-enrich-incidents

Learn how to use the Foundry CLI to create a Foundry app that enriches Falcon incidents with third-party data. This app adds third-party data on the Next-Gen SIEM incident details page of the Falcon console.

Science Score: 26.0%

This score indicates how likely this project is to be science-related based on various indicators:

  • CITATION.cff file
  • codemeta.json file
    Found codemeta.json file
  • .zenodo.json file
    Found .zenodo.json file
  • DOI references
  • Academic publication links
  • Committers with academic emails
  • Institutional organization owner
  • JOSS paper metadata
  • Scientific vocabulary similarity
    Low similarity (9.6%) to scientific vocabulary

Keywords

api-integration falcon-foundry ui-extension
Last synced: 5 months ago

Repository

Basic Info
Statistics
  • Stars: 0
  • Watchers: 4
  • Forks: 0
  • Open Issues: 5
  • Releases: 0
Topics
api-integration falcon-foundry ui-extension
Created 10 months ago · Last pushed 6 months ago
Metadata Files
Readme License Code of conduct Security

README.md

Enrich Incidents tutorial Foundry app

Important: To view this tutorial and import the app, you need access to the Falcon console.

This code is the result of completing the Falcon Foundry tutorial "Create an App that Enriches Falcon Incidents".

Prerequisites

  • Falcon Insight XDR or Falcon Prevent (one app)
  • Falcon Next-Gen SIEM or Falcon Foundry (1+ apps depending on entitlement)

Getting Started

  1. Download this repository as a zip file.
  2. Log in to the Falcon console and go to Foundry > App manager.
  3. Click Import app and select the zip file you downloaded.
  4. Click Import.

Tip: If you get an error that the name already exists, change the name to something unique to your CID when importing the app.

Links

This example uses the following CrowdStrike products:

Help

Please post any questions as issues in this repo, ask for help in our CrowdStrike subreddit, or post your question to our Foundry Developer Community.

Support

The foundry-tutorial-enrich-incidents repo contains the code that results from completing the Foundry tutorial "Create an App that Enriches Falcon Incidents". While not a formal CrowdStrike product, foundry-tutorial-enrich-incidents is maintained by CrowdStrike and supported in partnership with the open source developer community.

License

MIT, see LICENSE.

Owner

  • Name: CrowdStrike
  • Login: CrowdStrike
  • Kind: organization
  • Email: github@crowdstrike.com
  • Location: United States of America

GitHub Events

Total
  • Delete event: 20
  • Issue comment event: 18
  • Push event: 7
  • Public event: 1
  • Pull request review event: 1
  • Pull request event: 40
  • Create event: 23
Last Year
  • Delete event: 20
  • Issue comment event: 18
  • Push event: 7
  • Public event: 1
  • Pull request review event: 1
  • Pull request event: 40
  • Create event: 23

Committers

Last synced: 9 months ago

All Time
  • Total Commits: 6
  • Total Committers: 1
  • Avg Commits per committer: 6.0
  • Development Distribution Score (DDS): 0.0
Past Year
  • Commits: 6
  • Committers: 1
  • Avg Commits per committer: 6.0
  • Development Distribution Score (DDS): 0.0
Top Committers
Name Email Commits
Matt Raible m****e@c****m 6
Committer Domains (Top 20 + Academic)

Issues and Pull Requests

Last synced: 5 months ago

All Time
  • Total issues: 1
  • Total pull requests: 33
  • Average time to close issues: 27 days
  • Average time to close pull requests: 11 days
  • Total issue authors: 1
  • Total pull request authors: 2
  • Average comments per issue: 0.0
  • Average comments per pull request: 0.48
  • Merged pull requests: 2
  • Bot issues: 0
  • Bot pull requests: 28
Past Year
  • Issues: 1
  • Pull requests: 33
  • Average time to close issues: 27 days
  • Average time to close pull requests: 11 days
  • Issue authors: 1
  • Pull request authors: 2
  • Average comments per issue: 0.0
  • Average comments per pull request: 0.48
  • Merged pull requests: 2
  • Bot issues: 0
  • Bot pull requests: 28
Top Authors
Issue Authors
  • mraible (1)
Pull Request Authors
  • dependabot[bot] (28)
  • mraible (5)
Top Labels
Issue Labels
Pull Request Labels
dependencies (28) javascript (26) github_actions (2)

Dependencies

.github/workflows/main.yml actions
  • actions/checkout v4 composite
  • actions/setup-node v4 composite
ui/extensions/Third-party Detections/package-lock.json npm
  • 329 dependencies
ui/extensions/Third-party Detections/package.json npm
  • @babel/core 7.21.8 development
  • @babel/preset-react 7.22.3 development
  • @rollup/plugin-babel 6.0.3 development
  • @rollup/plugin-commonjs 25.0.0 development
  • @rollup/plugin-json 4.1.0 development
  • @rollup/plugin-node-resolve 14.1.0 development
  • @rollup/plugin-replace 5.0.2 development
  • @web/rollup-plugin-html 1.11.1 development
  • postcss ^8.4.28 development
  • rollup ^2.79.2 development
  • rollup-plugin-postcss ^4.0.2 development
  • @crowdstrike/falcon-shoelace ^0.2.3
  • @crowdstrike/foundry-js ^0.9.0
  • @crowdstrike/tailwind-toucan-base ^4.2.0
  • @shoelace-style/shoelace ^2.7.0
  • react 18.2.0
  • react-dom 18.2.0
  • react-router-dom 6.14.2