Receive FalconCaoQueryArchive

Receive-FalconCaoQueryArchive

SYNOPSIS

Download an archive containing Falcon Counter Adversary Operations queries

DESCRIPTION

Requires 'CAO Hunting: Read'.

PARAMETERS

Name	Type	Description	Allowed
Path	String	Destination path
Language	String	Query language	`__all__` `cql` `snort` `suricata` `yara`
Filter	String	Falcon Query Language expression to limit results
Type	String	Archive type [default: zip]	`gzip` `zip`
Force	Switch	Overwrite an existing file when present

SYNTAX

Receive-FalconCaoQueryArchive [-Path] <String> [-Language] <String> [[-Filter] <String>] [[-Type] <String>] [-Force] [-WhatIf] [-Confirm] [<CommonParameters>]

REFERENCE

Endpoints

GET /hunting/entities/archive-exports/v1

falconpy

GetArchiveExport

USAGE

2025-10-24: PSFalcon v2.3.0

Using PSFalcon
Commands by Permission
Other Commands
Examples
- Code Examples
- Samples
CrowdStrike SDKs
- FalconPy - Python 3
- goFalcon - Go
- Rusty Falcon - Rust

Receive FalconCaoQueryArchive

Receive-FalconCaoQueryArchive

SYNOPSIS

DESCRIPTION

PARAMETERS

SYNTAX

REFERENCE

Endpoints

falconpy

USAGE

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!