🚀Launch Week 10, September 22nd - 26th, 2025🚀

Plugins Mods Docs Home

GitHub Repo Stars

steampipe plugin install crowdstrikesteampipe plugin install crowdstrike

Get Involved

Edit on GitHub Discuss on Slack

Query: List alerts by aggregate_id

Description

Group related alerts together using the aggregate_id, which represents the Agent ID & Process Tree ID, similar to the legacy detection_id.

Query

Tables used in this query:

crowdstrike_alert

SQL