7 releases

0.2.6 Dec 5, 2022
0.2.5 Aug 19, 2022
0.2.4 Jul 26, 2022
0.2.2 May 3, 2022
0.0.1 Nov 14, 2021

#124 in Asynchronous

Custom license

40K SLoC

CrowdStrike Falcon Twitter URL


Build CI Latest version Documentation

Rust-based SDK to CrowdStrike's Falcon APIs

rusty_falcon documentation is available on docs.rs. Users are advised to consult this rusty_falcon documentation together with the comprehensive CrowdStrike API documentation published on Developer Portal. The easiest way to learn about the SDK is to consult the set of examples built on top of the SDK.

Quick Start

To get you started quickly, the easiest and highest-level way to establish API client is to instantiate easy::client::FalconHandle. The most convenient way is to use easy::client::FalconHandle::from_env function that will read the following environment variables to authenticate with falcon cloud: FALCON_CLIENT_ID, FALCON_CLIENT_SECRET, and FALCON_CLOUD. Unless you already have a CrowdStrike key pair you can establish a new one in Falcon Portal.

use rusty_falcon::apis::sensor_download_api;
use rusty_falcon::easy::client::FalconHandle;

async fn main() {
    // Fetch credentials from environment variables and establish OAuth2 connection
    let falcon = FalconHandle::from_env()
        .expect("Could not authenticate with CrowdStrike API");

    // Call one particular API end-point using the authenticated client
    let response = sensor_download_api::get_sensor_installers_ccidby_query(&falcon.cfg)
        .expect("Could not fetch CCID");

    // Response objects returned from APIs usually follow the same pattern of having
    // 'errors', 'meta', and 'resources' fields. It is recommended to check for possible
    // application errors:
    if !response.errors.is_empty() {
        eprintln!("Errors occured while getting Falcon CCID: {:?}", response.errors);

    // Print response from the API:
    println!("{:?}", response.resources)


Ready-made examples can be found in git repo.

Getting Help

rusty_falcon is an open source project, not a CrowdStrike product. As such it carries no formal support, expressed or implied.

If you encounter any issues while using rusty_falcon, you can create an issue on our Github repo for bugs, enhancements, or other requests.

rusty_falcon project is periodically refreshed to reflect the newest additions to the CrowdStrike API. Users of the SDK are advised to track the latest releases rather closely to ensure proper function in the unlikely event of an incompatible change to a CrowdStrike API.


~247K SLoC