Installation Upgrades and Removal
FalconPy leverages the Python Package Index for distribution, making installation and maintenance easy. There are two packages for FalconPy, the production package crowdstrike-falconpy (also referred to as the 'stable release'), and the development package crowdstrike-falconpy-dev.
For most developer scenarios, the production package will be the preferred solution.
Stable releases of FalconPy are available on the Python Package Index and are the default installation option.
poetry add crowdstrike-falconpypipenv install crowdstrike-falconpypython3 -m pip install crowdstrike-falconpyYou may also call pip3 directly to perform an installation:
pip3 install crowdstrike-falconpyUpgrading the package to the latest stable release follows a similar pattern.
Updates are performed as dictated by the contents of your pyproject.toml file. If this file is pinned to a specific version, the following command will have no effect.
poetry update crowdstrike-falconpyUpdates are performed as dictated by the contents of your Pipfile. If this file is pinned to a specific version, the following command will have no effect.
pipenv update crowdstrike-falconpypython3 -m pip install crowdstrike-falconpy --upgradeor:
pip3 install crowdstrike-falconpy --upgradeThe Bleeding Edge release is the latest release of the production package after new changes but prior to the release of this package to the production index. The period of time between the Bleeding Edge release and the production release is referred to as soak time and typically lasts for a few days to a week. If you'd like to try the Bleeding Edge version of the stable release, you will need to use the PyPI test index.
In order to install the Bleeding Edge release, you will need to add the test index to your pyproject.toml file.
PLEASE NOTE: The
sourcecommand is available in Poetry v1.2.0+. For scenarios where you are unable to the upgrade to the latest version of Poetry, these changes will need to be manually implemented within yourpyproject.tomlfile.
poetry source add -s testpypi https://test.pypi.org/simple/This will add the following to your pyproject.toml file.
[[tool.poetry.source]]
name = "testpypi"
url = "https://test.pypi.org/simple/"
default = false
secondary = trueOnce the test index is enabled for your project, you can update the crowdstrike-falconpy package using this new index.
First we remove the production package.
poetry remove crowdstrike-falconpyThen we add in the Bleeding Edge package.
poetry add --source testpypi crowdstrike-falconpyThis will update your pyproject.toml file as follows.
crowdstrike-falconpy = {version = "^1.x.x", source = "testpypi"}When you have completed testing and want to swap back to the production package, you can revert these changes quickly.
Remove the Bleeding Edge package.
poetry remove crowdstrike-falconpyInstall the production package.
poetry add crowdstrike-falconpyYou can specify the index you wish to install from using the --pypi-mirror flag.
pipenv install --pypi-mirror https://test.pypi.org/simple crowdstrike-falconpypython3 -m pip install -i https://test.pypi.org/simple crowdstrike-falconpyor:
pip3 install -i https://test.pypi.org/simple crowdstrike-falconpyThis package is updated as part of our regular build cycle, you may move to the Bleeding Edge release at any time and maintain it in your environment exactly as you would the stable release.
You may use Poetry or Pipenv to upgrade to the latest Bleeding Edge release by following the installation procedure detailed above.
To upgrade to the Bleeding Edge version you can use the following command:
python3 -m pip install -i https://test.pypi.org/simple crowdstrike-falconpy --upgradeor:
pip3 install -i https://test.pypi.org/simple crowdstrike-falconpy --upgradeUninstalling and removing the FalconPy package entirely can be performed quickly regardless of your preferred solution.
poetry remove crowdstrike-falconpypipenv uninstall crowdstrike-falconpypython3 -m pip uninstall crowdstrike-falconpyor:
pip3 uninstall crowdstrike-falconpyPlease note: This will uninstall whichever version of FalconPy you have installed, bleeding edge or stable.
The FalconPy development package (crowdstrike-falconpy-dev) is released from the dev branch as part of the code review and testing process. New library functionality and changes will be released to the development package prior to the production package and are available for pre-release testing.
NOTE: The development package uses a different module name,
falconpydev. You will need to update your import to match.
The development package can be installed to your local or virtual environment using the same commands.
poetry add crowdstrike-falconpy-devpipenv install crowdstrike-falconpy-devpython3 -m pip install crowdstrike-falconpy-devYou may also call pip3 directly to perform an installation:
pip3 install crowdstrike-falconpy-devYou can upgrade to the latest release by installing updates via the Python Package Index.
Updates are performed as dictated by the contents of your pyproject.toml file. If this file is pinned to a specific version, the following command will have no effect.
poetry update crowdstrike-falconpy-devUpdates are performed as dictated by the contents of your Pipfile. If this file is pinned to a specific version, the following command will have no effect.
pipenv update crowdstrike-falconpy-devpython3 -m pip install crowdstrike-falconpy-dev --upgradeor
pip3 install crowdstrike-falconpy-dev --upgradeAs before, uninstalling the development package is also a simple process.
poetry remove crowdstrike-falconpypipenv uninstall crowdstrike-falconpypython3 -m pip uninstall crowdstrike-falconpy-devor:
pip3 uninstall crowdstrike-falconpy-dev
- Home
- Discussions Board
- Glossary of Terms
- Installation, Upgrades and Removal
- Samples Collection
- Using FalconPy
- API Operations
-
Service Collections
- Alerts
- API Integrations
- Cloud Connect AWS (deprecated)
- Cloud Snapshots
- Configuration Assessment
- Configuration Assessment Evaluation Logic
- Container Alerts
- Container Detections
- Container Images
- Container Packages
- Container Vulnerabilities
- CSPM Registration
- Custom IOAs
- Custom Storage
- D4C Registration (deprecated)
- Detects
- Device Control Policies
- Discover
- Drift Indicators
- Event Streams
- Exposure Management
- Falcon Complete Dashboard
- Falcon Container
- Falcon Intelligence Sandbox
- FDR
- FileVantage
- Firewall Management
- Firewall Policies
- Foundry LogScale
- Host Group
- Hosts
- Identity Protection
- Image Assessment Policies
- Incidents
- Installation Tokens
- Intel
- IOA Exclusions
- IOC
- IOCs (deprecated)
- Kubernetes Protection
- MalQuery
- Message Center
- ML Exclusions
- Mobile Enrollment
- MSSP (Flight Control)
- OAuth2
- ODS (On Demand Scan)
- Overwatch Dashboard
- Prevention Policy
- Quarantine
- Quick Scan
- Real Time Response
- Real Time Response Admin
- Real Time Response Audit
- Recon
- Report Executions
- Response Policies
- Sample Uploads
- Scheduled Reports
- Sensor Download
- Sensor Update Policy
- Sensor Visibility Exclusions
- Spotlight Evaluation Logic
- Spotlight Vulnerabilities
- Tailored Intelligence
- ThreatGraph
- Unidentified Containers
- User Management
- Workflows
- Zero Trust Assessment
- Documentation Support
-
CrowdStrike SDKs
- Crimson Falcon - Ruby
- FalconPy - Python 3
- FalconJS - Javascript
- goFalcon - Go
- PSFalcon - Powershell
- Rusty Falcon - Rust
