Skip to content

revert Crowdstrike deprecation #14170

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Closed
fuqing04 wants to merge 1 commit into from
+1 −2
Closed

revert Crowdstrike deprecation #14170

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
2 changes: 1 addition & 1 deletion ...ection/Data Connectors/CrowdstrikeReplicatorCLv2/CrowdstrikeReplicatorV2_ConnectorUI.json
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,6 +1,6 @@
{
"id": "CrowdstrikeReplicatorv2",
"title": "[DEPRECATED] CrowdStrike Falcon Data Replicator (CrowdStrike Managed AWS-S3) (using Azure Function)",
"title": "CrowdStrike Falcon Data Replicator (CrowdStrike Managed AWS-S3) (using Azure Function)",
"publisher": "Crowdstrike",
"descriptionMarkdown": "This connector enables the ingestion of FDR data into Microsoft Sentinel using Azure Functions to support the assessment of potential security risks, analysis of collaboration activities, identification of configuration issues, and other operational insights.<p><span style='color:red; font-weight:bold;'>NOTE:</span></p><div style='margin-left:20px;'><p>1. CrowdStrike FDR license must be available & enabled.</p><p>2. The connector uses a Key & Secret based authentication and is suitable for CrowdStrike Managed buckets.</p><p>3. For environments that use a fully owned AWS S3 bucket, Microsoft recommends using the <strong>CrowdStrike Falcon Data Replicator (AWS S3)</strong> connector.</p></div>",
"additionalRequirementBanner": "These queries and workbooks are dependent on a parser based on Kusto to work as expected. Follow the steps to use this Kusto functions alias **CrowdstrikeReplicator** in queries and workbooks [Follow steps to get this Kusto functions>](https://aka.ms/sentinel-crowdstrikereplicator-parser).",
Expand Down
Binary file removed Solutions/CrowdStrike Falcon Endpoint Protection/Package/3.3.3.zip
View file
Open in desktop
Binary file not shown.
1 change: 0 additions & 1 deletion Solutions/CrowdStrike Falcon Endpoint Protection/ReleaseNotes.md
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,6 +1,5 @@
| **Version** | **Date Modified (DD-MM-YYYY)** | **Change History** |
|-------------|--------------------------------|--------------------------------------------------------------------------------|
| 3.3.3 | 13-04-2026 | Deprecate CrowdStrike Falcon Data Replicator (CrowdStrike Managed AWS-S3) (using Azure Function) |
| 3.3.2 | 16-03-2026 | Update *CrowdStrike API Data Connector* to GA with adding rate limits to inner steps for Alerts and Detections data types |
| 3.3.1 | 05-03-2026 | Update *CrowdStrike API Data Connector* to fix Alerts and Detections data types |
| 3.3.0 | 26-01-2026 | Refresh *CrowdStrike API Data Connector* with Cases data type and multiple improvements |
Expand Down
Loading