Block Request Category List

  • Rversion finale: Australia
  • Mis à jour 12 mars 2026
  • 1 minute de lecture

    • Block Request Category List classify observables in ServiceNow® based on the block or allow action selected in the CrowdStrike platform. The Category List provides options to initiate a change request for list approval. This ensures that approvals are routed and processed seamlessly as part of the Block Request capability flow.

    Avant de commencer

    Role required: sn_si.analyst

    Remarque :
    You must configure the CrowdStrike Falcon Insight configuration tile to use the Block Request Capability for CrowdStrike. For more information on how to configure the integration, see Install and configure CrowdStrike Falcon Insight

    Pourquoi et quand exécuter cette tâche

    The Block Request Category List includes two Hash Categories.
    • Allow List Entries – Displays observables added to the Allow Hash category.
    • Block List Entries – Displays observables added to the Block Hash category.

    Procédure

    1. Navigate to All > CrowdStrike Falcon Insight Integration > Block Request Category List.
    2. Select Allow Hash.
    3. Create a change request:
      1. Select Create Change Request.
      2. Select and hold (or right-click) the navigation bar and select Save.
      3. A change Request field is created with the Request number.
    4. Select Approvers:
      1. Select Require Approval.
      2. Select Approvers for adding observable from the search bar.
      3. Select Approvers for Removing Observable from the search bar.

        For a description of the field values, see CrowdStrike Block Request Category List.

    5. Select Update.

    Résultats

    CrowdStrike Falcon Insight block requests can be reviewed, tracked, and responded to in Security Incident Response using standard Block Request capability flow.