CrowdStrike Falcon Data Replicator DSM specifications
The IBM QRadar DSM for CrowdStrike Falcon Data Replicator supports events that are collected from CrowdStrike FDR by using the Amazon AWS S3 REST API protocol.
The following table lists the specifications for the CrowdStrike Falcon Data Replicator DSM.
Specification | Value |
---|---|
Manufacturer | CrowdStrike |
DSM name | Falcon Data Replicator |
RPM file name | DSM-CrowdStrikeFalconDataReplicator-QRadar_version-Build_number.noarch.rpm |
Supported protocols | Amazon AWS S3 REST API |
Event format | JSON |
Automatically discovered? | Yes |
Includes identity? | No |
Includes custom properties? | No |
More information | Falcon Data Replicator(https://falcon.us-2.crowdstrike.com/documentation/page/fa572b1c/falcon-data-replicator) |