Queries in CrowdStrike

The crowdstrike plugin includes 33 queries:

Name	Description	Queries
crowdstrike_alert	Alerts are events identified by Falcon sensors on the hosts in your environment. This table uses the new Alerts API (replacing the deprecated Detects API).	11
crowdstrike_detection	[Deprecated] Detections are events identified by Falcon sensors on the hosts in your environment.	6
crowdstrike_host	Hosts are endpoints that run the Falcon sensor.	5
crowdstrike_intel_actor	A threat actor, also known as a malicious actor, is any person or organization that intentionally causes harm in the digital sphere.	2
crowdstrike_spotlight_vulnerability	Known CVE identified vulnerabilities in the environment.	5
crowdstrike_user	Users in the Falcon system.	1
crowdstrike_zta_assessment	Zero Trust Assessments.	2
crowdstrike_zta_compliance	Zero Trust Compliance.	1