Skip to main content

CrowdStrike Falcon Sandbox

crowdstrike-falcon-sandbox

Version: 1.3
Updated: Jul 14, 2023

Malware Analysis Tool providing threat intelligence.

Actions

  • Submit File (Enrichment) - Submit a file for analysis.
  • Submit URL (Enrichment) - Submit a website's URL or URL with a file for analysis.
  • Submission Status Polling (Enrichment) - Return the state of submission, this action will polling until the File/URL analyzation are finished, Once this action completed, we will be able to Download Report or Get Summary of Submission.
  • Download Report (Enrichment) - Download a report (Full CSOAR only).
  • Search Into Database (Enrichment) - Search the database using the search terms like tag, host, domain, URL, filename; this similar to Advanced Search.
  • Get Submission Summary (Enrichment) - Return summary of a submission.
  • Get Hash Summary (Enrichment) - Summary for given hash.
  • Download Sample (Enrichment) - Download sample file (Full CSOAR only).
  • List Feed (Enrichment) - Access a JSON feed (summary information) of last 250 reports from 24h.
  • Get Hash Analysis Overview (Enrichment) - Return overview for the hash related information [report, parent, children, scanners].
  • List Environments (Enrichment) - List system environments.

Configure CrowdStrike Falcon Sandbox in Automation Service and Cloud SOAR

Before you can use this automation integration, you must configure its authentication settings so that the product you're integrating with can communicate with Sumo Logic. For general guidance, see Configure Authentication for Automation Integrations.

How to open the integration's configuration dialog
  1. Access App Central and install the integration. (You can configure at installation, or after installation with the following steps.)
  2. Go to the Integrations page.
    Classic UI. In the main Sumo Logic menu, select Automation and then select Integrations in the left nav bar.
    New UI. In the main Sumo Logic menu, select Automation > Integrations. You can also click the Go To... menu at the top of the screen and select Integrations.
  3. Select the installed integration.
  4. Hover over the resource name and click the Edit button that appears.
    Edit a resource

In the configuration dialog, enter information from the product you're integrating with. When done, click TEST to test the configuration, and click SAVE to save the configuration.

CrowdStrike Falcon Sandbox configuration

For information about CrowdStrike Falcon Sandbox, see CrowdStrike documentation.

Change Log

  • October 26, 2020 - First upload
  • March 21, 2023 (v1.1) - Logo updated
  • June 27, 2023 (v1.2) - Updated the integration with Environmental Variables
  • July 14, 2023 (v1.3) - Changed fields visibility
Status
Legal
Privacy Statement
Terms of Use

Copyright © 2025 by Sumo Logic, Inc.