Crowdstrike-falconpy

Issues resolved
+ Bug fix: Resolved issue impacting the creation of certain action parameters used within payloads for the `perform_incident_action` method of the Incidents Service Class. Closes 656.
- `_payload/_incidents.py`

---

Added features and functionality
+ Added: Results object expansion - expanded results are returned as a tuple, Ex: `(status_code, headers, content)`. This allows for
headers and status to be checked on binary API returns. Expanded results are supported for all calls to the API and can be requested from
any Service Class method or the Uber Class __command__ method using the keyword `expand_result`.
- `_result.py`
- `_util.py`
- `api_complete.py`
- `test_sample_uploads.py`

__Example__
python
Pass a boolean True to the `expand_result` keyword to request expanded results.
download_result = samples.get_sample(ids=file_sha, expand_result=True)

We're returned a tuple (status, headers, content)
Status will be in 0
print(f"Status returned: {download_result[0]}")
Headers will be in 1
print(f"Headers returned: {download_result[1]}")
File content will be in 2
with open(example_file, "wb") as download_file:
download_file.write(download_result[2])


+ Added: Specify action_parameters keys for __perform__ operations using keywords instead of a list of dictionaries.
* Keyword: `group_id`
- `device_control_policies.py` (_perform_action_ method)
- `firewall_policies.py` (_perform_action_ method)
- `prevention_policy.py` (_perform_policies_action_ method)
- `response_policies.py` (_perform_policies_action_ method)
- `sensor_update_policy.py` (_perform_policies_action_ method)
* Keyword: `filter`
- `host_group.py` (_perform_group_action_ method)
* Keywords: `add_tag`, `delete_tag`, `unassign`, `update_name`, `update_assigned_to_v2`, `update_description`, `update_status`
- `_payload/__init__.py`
- `_payload/_incidents.py`
- `incidents.py` (_perform_incident_action_ method)

Other
+ Fixed: Docstring typo in sort options for `query_accounts` and `query_logins` methods within the Discover Service Class.
- `discover.py`
+ Fixed: Docstring typo not listing `id` requirements for keyword submissions to the `indicator_update` method within the IOC Service Class.
- `ioc.py`
+ Fixed: Docstring typo listing an incorrect return type for the `get_download` operation within the ReportExecutions Service Class.
- `report_executions.py`
+ Fixed: Docstring typo in Real Time Response Service Class referencing non-existent `action_parameters` payload element.
- `real_time_response.py`
+ Added: Babel fish operation ID to endpoint translator.
- `util/babel_fish.py`
+ Added: FalconPy terminal word search utility.
- `util/find-strings.sh`
+ Added: FalconPy module listing utility.
- `util/public-modules.sh`
+ Added: FalconPy version check utility.
- `util/vcheck.sh`

---

Added features and functionality
+ Added: New versions of two operations within the Real Time Response Service Class. `list_files_v2` and `delete_file_v2` are used the same as the original methods, but provide more results detail. You should leverage `delete_file_v2` if you are retrieving files using `list_files_v2`.
- `_endpoint/_real_time_response.py`
- `real_time_response.py`
- `tests/test_real_time_response.py`

---

Added features and functionality
+ Added: New Discover service collection endpoints, matching Service Class operations and unit testing.
* New method: _`get_accounts`_
* New method: _`get_logins`_
* New method: _`query_accounts`_
* New method: _`query_logins`_
- `_endpoint/_discover.py`
- `discover.py`
- `tests/test_discover.py`

Other
+ Fixed: Docstring typo for the `combinedQueryVulnerabilities` operation within the Spotlight Vulnerabilities Service Class. Closes 608.
- `spotlight_vulnerabilities.py`

---

Added features and functionality
+ Added: Spotlight Evaluation Logic Service Class, related service collection endpoints and related unit tests.
- `_endpoint/__init__.py`
- `_endpoint/_spotlight_evaluation_logic.py`
- `__init__.py`
- `spotlight_evaluation_logic.py`
- `tests/test_spotlight_evaluation_logic.py`

---

Issues resolved
+ Fixed: Invalid empty payload sent by `report_executions_download_get` operation when leveraging the Uber Class. Closes 596.
- `_util.py`
- `api_complete.py`
- `tests/test_uber_api_complete.py`
- Thanks to tsullivan06 for his assistance in identifying this issue!

Other
+ Fixed: Typo in docstring - cspm_registration.py571, `recurring` -> `reoccurring`. Closes 592.
- `cspm_registration.py`
+ Added: Updated docstring to reflect newly available host actions. Closes 585.
- `hosts.py`

---