Data

Tools

Indexes

Applications

Experiments

Open Source Science

gofalcon

Golang-based SDK to CrowdStrike's APIs

https://github.com/crowdstrike/gofalcon

Science Score: 44.0%

This score indicates how likely this project is to be science-related based on various indicators:

  • CITATION.cff file
    Found CITATION.cff file
  • codemeta.json file
    Found codemeta.json file
  • .zenodo.json file
    Found .zenodo.json file
  • DOI references
  • Academic publication links
  • Committers with academic emails
  • Institutional organization owner
  • JOSS paper metadata
  • Scientific vocabulary similarity
    Low similarity (7.2%) to scientific vocabulary

Keywords from Contributors

mesh interpretability sequences generic projection interactive optim hacking network-simulation
Last synced: 7 months ago · JSON representation ·

Repository

Golang-based SDK to CrowdStrike's APIs

Basic Info
  • Host: GitHub
  • Owner: CrowdStrike
  • License: mit
  • Language: Go
  • Default Branch: main
  • Size: 10.4 MB
Statistics
  • Stars: 72
  • Watchers: 12
  • Forks: 54
  • Open Issues: 12
  • Releases: 61
Created about 5 years ago · Last pushed 7 months ago
Metadata Files
Readme Contributing License Citation Security

README.md

gofalcon

Build CI CodeQL Go Report Card Go Reference GitHub release (latest SemVer)

Golang-based SDK to CrowdStrike's Falcon APIs.

Gofalcon documentation is available on pkg.go.dev. Users are advised to consult this gofalcon documentation together with the comprehensive CrowdStrike API documentation published on Developer Center. The easiest way to learn about the SDK is to consult the set of examples built on top of the SDK. What follows is a subset of these examples that can be found useful as stand-alone programs.

| Example | Description | | :-------- | :------------ | | falconsensordownload | stand-alone tool that can be used to download CrowdStrike Falcon Sensor | | falconeventstream | stand-alone tool that can be used to stream events as they happen in CrowdStrike Falcon Console | | falconcleanuppods | stand-alone tool that can be used to clean-up inactive pods from CrowdStrike Falcon Console | | falconcspmioms | stand-alone tool that leverages CrowdStrike Cloud Security Posture Management (CSPM) to list indicators of misconfigurations (IOMs) | | falcondetectiondetails | stand-alone tool that outputs inventory of all Falcon Detections based on custom filter | | falcondiscoverhost_details | stand-alone tool that can be used for auditing purposes and for gaining timely visibility into your environment | | falcongetcid | stand-alone tool that can be used to get Customer ID based on the API key pair | | falcon_iocs | stand-alone tool that can be used to add, delete or list Custom IOCs in the CrowdStrike Falcon Console | | falconintelindicators | stand-alone tool that queries CrowdStrike Intelligence Indicators | | falconintelrules_download | stand-alone tool that downloads CrowdStrike Falcon Intelligence Rule files | | falconhostdetails | stand-alone tool that outputs inventory of hosts registered to CrowdStrike Falcon platform | | falconregistrytoken | helper to generate container registry logic information for docker login | | falconrtrreadonlycommand | stand-alone example to run basic read-only RTR (Real-Time Response) command against a specific agent | | falconrtradmincreateandrunscript | stand-alone example of running custom script on the specific agent using RTR (Real-Time Response) API | | falcon_vulnerabilities | stand-alone tool that outputs inventory of vulnerabilities affecting your environment | | falconsupportedkernels | stand-alone tool that outputs short list recent Linux kernels supported by CrowdStrike Falcon for a given distribution | | falcon_zta | stand-alone tool that utilises Hosts and ZTA APIs and outputs ZTA findings for your environment | | customize_transport | use a falcon.TransportDecorator to modify all outgoing HTTP requests to the Falcon API |

Gofalcon is a community-driven, open source project designed to aid developers in utilizing the CrowdStrike APIs effectively within their applications. While not a formal CrowdStrike product, Gofalcon is maintained by CrowdStrike and supported in partnership with the open source developer community.

Gofalcon is periodically refreshed to reflect the newest additions to the CrowdStrike API. Users of the SDK are advised to track the latest releases rather closely to ensure proper function in the unlikely event of an incompatible change to a CrowdStrike API.

Installation

go get github.com/crowdstrike/gofalcon/falcon

Usage Example

Various real-life examples can be found in the examples/ directory. The bare minimum example follows.

```go package main

import ( "context" "fmt" "os"

"github.com/crowdstrike/gofalcon/falcon"
"github.com/crowdstrike/gofalcon/falcon/client/incidents"

)

func main() { client, err := falcon.NewClient(&falcon.ApiConfig{ ClientId: os.Getenv("FALCONCLIENTID"), ClientSecret: os.Getenv("FALCONCLIENTSECRET"), Context: context.Background(), }) if err != nil { panic(err) }

desc := "timestamp.desc"
res, err := client.Incidents.CrowdScore(&incidents.CrowdScoreParams{
    Context: context.Background(),
    Sort: &desc,
})
if err != nil {
    panic(err)
}
payload := res.GetPayload()
fmt.Printf("As of %s your CrowdScore is %d.\n",
    payload.Resources[0].Timestamp.String(), *payload.Resources[0].Score)

} ```

Versioning

This module adheres to the Go Module version numbering system, as described in detail at Go Module version numbering.

It is important to note that since this module is currently in the v0.x.x stage, backward compatibility cannot be guaranteed between minor versions (vMAJOR.MINOR.PATCH). Any breaking changes that may occur between versions will be explicitly mentioned in the release notes. It is highly recommended to pin the version of this module in your go.mod file to a specific patch version, and to update it only after reviewing the release notes and thorough testing.

Owner

  • Name: CrowdStrike
  • Login: CrowdStrike
  • Kind: organization
  • Email: github@crowdstrike.com
  • Location: United States of America

Citation (CITATION.cff) 

cff-version: 1.2.0
title: 'goFalcon: The CrowdStrike Falcon SDK for Golang'
message: >-
  If you use this software, please cite it using the
  metadata from this file.
type: software
authors:
  - given-names: 
    family-names: CrowdStrike
  - given-names: Šimon
    family-names: Lukašík
    affiliation: CrowdStrike
repository-code: 'https://github.com/CrowdStrike/gofalcon'
url: 'https://pkg.go.dev/github.com/crowdstrike/gofalcon'
repository-artifact: 'https://pkg.go.dev/github.com/crowdstrike/gofalcon'
abstract: >-
  Golang-based SDK to CrowdStrike Falcon APIs.
keywords:
  - crowdstrike
  - oauth2
  - crowdstrike-api
  - crowdstrike-falcon-api
  - golang
  - windows
  - linux
  - mac
license: MIT

GitHub Events

Total
  • Create event: 37
  • Release event: 12
  • Issues event: 21
  • Watch event: 10
  • Delete event: 24
  • Issue comment event: 44
  • Push event: 85
  • Pull request review event: 21
  • Pull request review comment event: 1
  • Pull request event: 109
  • Fork event: 13
Last Year
  • Create event: 37
  • Release event: 12
  • Issues event: 21
  • Watch event: 10
  • Delete event: 24
  • Issue comment event: 44
  • Push event: 85
  • Pull request review event: 21
  • Pull request review comment event: 1
  • Pull request event: 109
  • Fork event: 13

Committers

Last synced: 10 months ago

All Time
  • Total Commits: 596
  • Total Committers: 25
  • Avg Commits per committer: 23.84
  • Development Distribution Score (DDS): 0.411
Past Year
  • Commits: 67
  • Committers: 10
  • Avg Commits per committer: 6.7
  • Development Distribution Score (DDS): 0.463
Top Committers
Name Email Commits
Simon Lukasik s****k@c****m 351
dependabot[bot] 4****] 107
ffalor 3****r 71
Gabe Alford r****s@g****m 23
Forrest Aldridge f****e@c****m 6
Carlos Matos c****s@c****m 5
Kevin Pham k****m@a****m 5
zeknox m****n@g****m 4
Joshua Hiller j****r@c****m 4
johns31459 1****9 3
Shawn Wells s****n@s****o 2
Branden Brown b****n@v****m 2
Alexandru Gandrabur a****r@g****m 1
Evan Stoner e****r@g****m 1
Matt Raible m****t@r****m 1
Nikos Vlastaras n****t@g****m 1
RobbingDaHood 1****d 1
bndw b****n@b****o 1
kuma3ierae 1****e 1
rq 5****n 1
Forrest Aldridge f****e@g****m 1
r3drun3 s****i@k****t 1
Steve Klassen s****n@c****m 1
Robert Quinlivan r****n@c****m 1
Talgi t****l@g****m 1
Committer Domains (Top 20 + Academic)
crowdstrike.com: 5 cloudflare.com: 1 kiratech.it: 1 bdw.to: 1 raibledesigns.com: 1 velocigo.com: 1 shawndwells.io: 1 associates.polb.com: 1

Issues and Pull Requests

Last synced: 7 months ago

All Time
  • Total issues: 41
  • Total pull requests: 315
  • Average time to close issues: 2 months
  • Average time to close pull requests: 4 days
  • Total issue authors: 28
  • Total pull request authors: 22
  • Average comments per issue: 1.32
  • Average comments per pull request: 0.23
  • Merged pull requests: 256
  • Bot issues: 1
  • Bot pull requests: 116
Past Year
  • Issues: 15
  • Pull requests: 128
  • Average time to close issues: 16 days
  • Average time to close pull requests: 4 days
  • Issue authors: 10
  • Pull request authors: 14
  • Average comments per issue: 0.87
  • Average comments per pull request: 0.28
  • Merged pull requests: 95
  • Bot issues: 0
  • Bot pull requests: 33
View more stats
Top Authors
Issue Authors
  • ffalor (6)
  • terrancedjones (4)
  • rquinlivan (3)
  • qa-ship-it (2)
  • hazcod (2)
  • kylape (2)
  • gray-host (1)
  • dkindlund (1)
  • FluffySocks32 (1)
  • dependabot[bot] (1)
  • isimluk (1)
  • kyle-c9000 (1)
  • andrew-bab (1)
  • l-teles (1)
  • kostaspap (1)
Pull Request Authors
  • dependabot[bot] (116)
  • ffalor (67)
  • isimluk (57)
  • redhatrises (35)
  • carlosmmatos (5)
  • kuma3ierae (5)
  • johns31459 (4)
  • evanstoner (4)
  • RobbingDaHood (2)
  • agandrabur (2)
  • basbeu (2)
  • nVlast (2)
  • mraible (2)
  • rquinlivan (2)
  • aalcantar365 (2)
Top Labels
Issue Labels
bug (8) needs triage (4) enhancement (2) documentation (1) api (1) dependencies (1) go (1) missing endpoint (1) internal (1) question (1)
Pull Request Labels
dependencies (117) go (90) github_actions (28) enhancement (7) documentation (2)

Dependencies

go.mod go
  • github.com/blang/semver/v4 v4.0.0
  • github.com/go-openapi/errors v0.20.2
  • github.com/go-openapi/runtime v0.24.1
  • github.com/go-openapi/strfmt v0.21.2
  • github.com/go-openapi/swag v0.21.1
  • github.com/go-openapi/validate v0.22.0
  • github.com/sirupsen/logrus v1.8.1
  • golang.org/x/oauth2 v0.0.0-20210113205817-d3ed898aa8a3
go.sum go
  • 488 dependencies
.github/workflows/build.yml actions
  • actions/checkout v3 composite
  • actions/setup-go v3 composite
  • golangci/golangci-lint-action v3 composite
.github/workflows/check_spelling.yml actions
  • SFLScientific/spellcheck-github-actions master composite
  • actions/checkout v3 composite
.github/workflows/codeql.yml actions
  • actions/checkout v3 composite
  • github/codeql-action/analyze v2 composite
  • github/codeql-action/autobuild v2 composite
  • github/codeql-action/init v2 composite
.github/workflows/docs.yml actions
  • actions/checkout v3 composite
  • gaurav-nelson/github-action-markdown-link-check v1 composite
.github/workflows/goreleaser-check.yml actions
  • actions/checkout v3 composite
  • actions/setup-go v3 composite
  • goreleaser/goreleaser-action v4 composite
.github/workflows/gosec.yml actions
  • actions/checkout v3 composite
  • securego/gosec master composite
.github/workflows/release.yml actions
  • actions/checkout v3 composite
  • actions/setup-go v3 composite
  • goreleaser/goreleaser-action v4 composite