CrowdStrike Logs

Panther supports two methods for onboarding CrowdStrike logs:

• CrowdStrike Falcon Data Replicator

  • Replicate log data from your CrowdStrike environment to an S3 bucket. This method is supported for Crowdstrike.FDREvent logs.

  • .

• CrowdStrike Event Streams

  • Pull logs from the CrowdStrike Event Streams API. This method is supported for Crowdstrike.EventStreams logs.

  • .