Added example showing how to run new eda event_source

CrowdStrike · Aug 4, 2023 · 1e23648 · 1e23648
1 parent 4f8bfdf
commit 1e23648
Showing 1 changed file with 9 additions and 1 deletion.
diff --git a/README.md b/README.md
@@ -74,7 +74,7 @@ You can also install a specific version of the collection, for example, if you n
 ansible-galaxy collection install crowdstrike.falcon:==0.1.0
 ```
 
-#### Example Playbook
+### Example Playbook
 
 Install and configure the CrowdStrike Falcon Sensor at version N-2:
 
@@ -93,6 +93,14 @@ Install and configure the CrowdStrike Falcon Sensor at version N-2:
       falcon_tags: 'falcon,example,tags'
 ```
 
+### Example Using the Event Stream EDA Source via Ansible Rulebook
+
+> This example requires Ansible EDA to be installed. See the [Ansible Rulebook documentation](https://ansible.readthedocs.io/projects/rulebook/en/latest/getting_started.html) for more information.
+
+```shell
+ansible-rulebook -i inventory -r crowdstrike.falcon.event_stream_example -E FALCON_CLIENT_ID,FALCON_CLIENT_SECRET
+```
+
 ## Installing on MacOS
 
 Apple platforms require Mobile Device Management (MDM) software to install kernel extensions without user prompting.