CrowdStrike Falcon DSM specifications

When you configure CrowdStrike Falcon, understanding the specifications for the CrowdStrike Falcon DSM can help ensure a successful integration. For example, knowing which version of CrowdStrike Falcon is supported before you begin can help reduce frustration during the configuration process.

The following table describes the specifications for the CrowdStrike Falcon DSM.

Table 1. CrowdStrike Falcon DSM specifications
Specification Value
Manufacturer CrowdStrike
DSM name CrowdStrike Falcon
RPM file name DSM-CrowdStrikeFalconHost-QRadar_version-build_number.noarch.rpm
Protocol Syslog
Event format LEEF, JSON
Recorded event types Incident, Incident summary, Detection summary, Authentication, Detection status update, Uploaded IoCs, Network containment, IP whitelisting, Policy management, CrowdStrike store, Falcon firewall management, Real time response, Event streams
Automatically discovered? Yes
Includes identity? No
Includes custom properties? No
More information CrowdStrike Falcon Platform website (https://www.crowdstrike.com/endpoint-security-products/falcon-platform/)