Skip to content

Firewall

Jump to bottom
Joshua Hiller edited this page May 15, 2026 · 3 revisions

Search and manage Falcon firewall rules and rule groups.

API Scopes

  • Firewall Management: READ
  • Firewall Management: WRITE

Tools

falcon_create_firewall_rule_group

Note

This tool modifies data.

Required scopes: Firewall Management: WRITE

Create a firewall rule group.

Example prompts:

  • "Create a Windows firewall rule group named 'Prod Outbound'"

falcon_delete_firewall_rule_groups

Caution

This tool performs destructive operations.

Required scopes: Firewall Management: WRITE

Delete firewall rule groups by ID.

Example prompts:

  • "Delete firewall rule group abc123"

falcon_search_firewall_policy_rules

Required scopes: Firewall Management: READ

Search firewall rules in a specific policy container and return full rule details.

Example prompts:

  • "Show me all rules in firewall policy abc123"

falcon_search_firewall_rule_groups

Required scopes: Firewall Management: READ

Search firewall rule groups and return full rule group details.

Example prompts:

  • "Find all enabled firewall rule groups for Windows"

falcon_search_firewall_rules

Required scopes: Firewall Management: READ

Search firewall rules and return full rule details.

Example prompts:

  • "Show me all enabled Windows firewall rules"
  • "Find firewall rules matching 'outbound'"

Resources

  • falcon://firewall/rules/fql-guide: Contains the guide for the filter param of firewall search tools.

Clone this wiki locally