Playbook: CrowdStrike OAuth API Network Restore
Description
Accepts a hostname or device id as input and tries to restore access for (unquarantines) the device in Crowdstrike. We then generate an observable report as well as a Markdown formatted report of the results. Both can be customized based on user preference.
Apps
How To Implement
This input playbook requires the CrowdStrike OAuth API connector to be configured. It is designed to work with an endpoint hostname or device id and remove the corresponding endpoint from containment for use in automation playbooks.
Explore Playbook
Click the playbook screenshot to explore in more detail!
Required fields
- device
Reference
source | version: 1