# Crowdstrike Scanner supports Crowdstrike log events that are exported by Falcon Data Replicator to S3. These logs contain information about endpoint, cloud workload, and identity data from the Crowdstrike product ecosystem. In order for Scanner to see these logs, you can configure Crowdstrike Falcon Data Replicator to publish them to S3. ## Step 1: Publish to S3 Within Crowdstrike Falcon, navigate to **Support and resources** and select **Falcon Data Replicator**. If this option is not available, you may need to talk with your Crowdstrike support team to enable Falcon Data Replicator. First, you can configure Falcon Data Replicator to push logs to a new S3 bucket hosted in Crowdstrike's AWS account. Second, you can configure data to be replicated from Crowdstrike's S3 bucket to your own S3 bucket. You can follow Crowdstrike's [documentation about Falcon Data Replicator](https://falcon.crowdstrike.com/documentation/9/falcon-data-replicator) to accomplish this. You may also want to use [Crowdstrike's FDR project on GitHub](https://github.com/CrowdStrike/FDR) to replicate the logs to your own S3 bucket. ## Step 2: Ingest via Scanner Collect Follow the instructions [here](https://docs.scanner.dev/scanner/using-scanner-complete-feature-reference/data-ingestion/sources/custom-logs-aws-s3) to ingest logs from S3 via Scanner Collect --- # Agent Instructions: Querying This Documentation If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question. Perform an HTTP GET request on the current page URL with the `ask` query parameter: ``` GET https://docs.scanner.dev/scanner/using-scanner-complete-feature-reference/data-ingestion/sources/crowdstrike.md?ask= ``` The question should be specific, self-contained, and written in natural language. The response will contain a direct answer to the question and relevant excerpts and sources from the documentation. Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.