Skip to content

Rust bindings for CrowdStrike Falcon API

License

Notifications You must be signed in to change notification settings

makr11st/rusty-falcon

 
 

Repository files navigation

CrowdStrike Falcon Twitter URL

rusty_falcon

Build CI Latest version Documentation

Rust-based SDK to CrowdStrike's Falcon APIs

rusty_falcon documentation is available on docs.rs. Users are advised to consult this rusty_falcon documentation together with the comprehensive CrowdStrike API documentation published on Developer Center. The easiest way to learn about the SDK is to consult the set of examples built on top of the SDK.

Quick Start

To get you started quickly, the easiest and highest-level way to establish API client is to instantiate easy::client::FalconHandle. The most convenient way is to use easy::client::FalconHandle::from_env function that will read the following environment variables to authenticate with falcon cloud: FALCON_CLIENT_ID, FALCON_CLIENT_SECRET, and FALCON_CLOUD. Unless you already have a CrowdStrike key pair you can establish a new one in Falcon Portal.

use rusty_falcon::apis::sensor_download_api;
use rusty_falcon::easy::client::FalconHandle;

#[tokio::main]
async fn main() {
    // Fetch credentials from environment variables and establish OAuth2 connection
    let falcon = FalconHandle::from_env()
        .await
        .expect("Could not authenticate with CrowdStrike API");

    // Call one particular API end-point using the authenticated client
    let response = sensor_download_api::get_sensor_installers_ccidby_query(&falcon.cfg)
        .await
        .expect("Could not fetch CCID");

    // Response objects returned from APIs usually follow the same pattern of having
    // 'errors', 'meta', and 'resources' fields. It is recommended to check for possible
    // application errors:
    if !response.errors.is_empty() {
        eprintln!("Errors occurred while getting Falcon CCID: {:?}", response.errors);
    }

    // Print response from the API:
    println!("{:?}", response.resources)
}

Examples

Ready-made examples can be found in git repo.

There's a handy script that can be used to (sequentially) run and test the examples. This script will show the status (pass / fail) of each example.

./scripts/run-examples.sh

[WIP] Project Documentation

This project uses mdbook to serve its documentation, to run it locally:

cd docs
mdbook build
mdbook serve

Generating models from OpenApi Specification

This api model is generated from OpenApi specification using OpenApi Generator for Rust language.

Note: In the OpenApi specification please update version to `rolling``, if required and update version on the list below. This will prevent crazy long PRs with updates.

An example command to generate api and model:

openapi-generator generate -g rust -i swagger.json -o ./new

OpenApi Specification Version

2024-05-29T00:00:02Z

Getting Help

rusty_falcon is an open source project, not a CrowdStrike product. As such it carries no formal support, expressed or implied.

If you encounter any issues while using rusty_falcon, you can create an issue on our Github repo for bugs, enhancements, or other requests.

rusty_falcon project is periodically refreshed to reflect the newest additions to the CrowdStrike API. Users of the SDK are advised to track the latest releases rather closely to ensure proper function in the unlikely event of an incompatible change to a CrowdStrike API.

About

Rust bindings for CrowdStrike Falcon API

Resources

License

Code of conduct

Security policy

Stars

Watchers

Forks

Releases

No releases published

Packages

No packages published

Languages

  • Rust 100.0%