IBM QRadar SOAR

  • 1.  fn_crowd_strike app and event stream

    Posted Thu May 16, 2024 04:33 AM

    Is anyone using the CrowdStrike Falcon app? It's supposedly working, but in the app log I can see it's not pulling any events:

    INFO [cs_detection_poll] [MainThread] Thread is not running..
    INFO [cs_detection_process] [Thread-30] CS poll detection started..!!
    INFO [cs_detection_process] [Thread-30] Processing CS detection stream
    INFO [cs_api] [Thread-30] Number of clouds:0
    WARNING [cs_detection_process] [Thread-30] There are no stream received to process.

    On Falcon I can see that there are no requests coming from the app, so there's a disconnect somewhere. Any ideas what could cause this?



    ------------------------------
    Maria Czapkowska
    ------------------------------


  • 2.  RE: fn_crowd_strike app and event stream

    Posted Tue May 21, 2024 03:17 PM

    Hi Maria 

    Which CrowdStrike app are you using?

    Regards

    John



    ------------------------------
    John Quirke
    ------------------------------