Claude Code Collector
Claude Code is an agentic AI assistant by Anthropic that accesses the filesystem, shell, and network.Overview
You can deploy the Claude Code collector to enforce AIDR security policies on Claude Code sessions. The collector integrates with Claude Code's native hooks system to intercept prompts and tool calls.
To deploy the collector, add a JSON configuration block to the Claude Code settings file. The collector requires no binary installation or package dependencies.
The collector intercepts Claude Code activity at three hook events. For each event, the collector sends the payload to AIDR for evaluation against your configured policy rules. AIDR returns an allow, block, or transform decision.
| Hook event | When it fires | AIDR event type | Policy rules | Can block | Can transform |
|---|---|---|---|---|---|
UserPromptSubmit | Before Claude processes a submitted prompt | input | Input Rules | Yes | No |
PreToolUse | Before a tool call executes | tool_input | Tool Input Rules | Yes | Yes |
PostToolUse | After a tool call completes | tool_output | Tool Output Rules | Yes | Yes |
The Claude Code collector doesn't monitor LLM responses, model configuration, token usage, extended thinking, system prompts, or subagent context. It captures only data that passes through hook events.
Requirements
-
Subscription: AIDR for Workforce
-
Default roles: AIDR Admin role explicitly assigned to your Falcon user for the current customer account
-
Permissions required for custom roles:
- Manage AIDR findings and workforce collectors
- Read AIDR data from LogScale
- Read AIDR findings and workforce collectors
-
CrowdStrike clouds: Available in US-1, US-2, and EU-1
-
Network: HTTP access to
AIDR origins
- Software: Claude Code installed
Register Claude Code collector
-
On the Collectors page, click + Collector.
- Choose Agentic as the collector type, then select Claude Code and click Next.
-
On the Add a Collector screen:
- Collector Name - Enter a descriptive name for the collector. This name appears in dashboards and reports.
- Logging - Select whether to log prompt data and model responses, or only metadata sent to AIDR. You can also exclude prompt content in access rule action settings .
- Policy (optional) - Assign a Claude Code policy to evaluate prompts and tool calls intercepted by the collector.
-
You can select an existing policy available for this collector type or create a policy on the Policies page.
The selected policy name appears under the dropdown. After you save the collector registration, this label becomes a link to the corresponding policy page.
-
You can also select
No Policy, Log Only. Without a policy, AIDR records activity for visibility and analysis without applying detection rules.
The assigned policy determines which detections run on data sent to AIDR. Policies define rules for detecting malicious activity, sensitive data exposure, topic violations, and other risks in AI interactions.
- Click Save.
This opens the collector details page, where you can:
- Update the collector name, logging preference, and policy assignment.
- Click the policy link to view the policy details.
- Copy credentials and AIDR base URL from the Config tab to call AIDR APIs.
- View installation instructions for the collector type on the Install tab.
- View the collector configuration activity logs.
To open the collector details page later, select your collector from the list on the Collectors page.
Deploy collector
The Install tab on the collector details page shows the installation instructions.
To deploy the Claude Code collector:
-
Ensure the environment variables referenced in the hooks configuration are available where Claude Code runs.
CS_AIDR_TOKEN- Your collector API token. Copy the value from the Config tab on the collector details page.export CS_AIDR_TOKEN="pts_nbscbp...vznxcs"USERandUSERNAME- Environment variables that identify the current user. The operating system typically setsUSERon macOS/Linux orUSERNAMEon Windows.
-
Add the following hooks configuration to your Claude Code settings file:
Hooks configuration in Claude Code settings{
"hooks": {
"PreToolUse": [
{
"hooks": [
{
"type": "http",
"url": "https://api.crowdstrike.com/aidr/aiguard/v1/claude_code_guard",
"headers": {
"Authorization": "Bearer $CS_AIDR_TOKEN",
"AIDR-User": "$USER",
"AIDR-Username": "$USERNAME"
},
"allowedEnvVars": ["CS_AIDR_TOKEN", "USER", "USERNAME"]
}
]
}
],
"PostToolUse": [
{
"hooks": [
{
"type": "http",
"url": "https://api.crowdstrike.com/aidr/aiguard/v1/claude_code_guard",
"headers": {
"Authorization": "Bearer $CS_AIDR_TOKEN",
"AIDR-User": "$USER",
"AIDR-Username": "$USERNAME"
},
"allowedEnvVars": ["CS_AIDR_TOKEN", "USER", "USERNAME"]
}
]
}
],
"UserPromptSubmit": [
{
"hooks": [
{
"type": "http",
"url": "https://api.crowdstrike.com/aidr/aiguard/v1/claude_code_guard",
"headers": {
"Authorization": "Bearer $CS_AIDR_TOKEN",
"AIDR-User": "$USER",
"AIDR-Username": "$USERNAME"
},
"allowedEnvVars": ["CS_AIDR_TOKEN", "USER", "USERNAME"]
}
]
}
]
}
}You can include only the hook events you need. Each hook event corresponds to a policy rule type:
UserPromptSubmit- Input RulesPreToolUse- Tool Input RulesPostToolUse- Tool Output Rules
Coexistence with other hooks
You can deploy the AIDR collector alongside existing hooks for the same event. Claude Code runs all matching hooks in parallel, regardless of whether any individual hook returns a block decision. The AIDR hook executes and reports activity even if another hook blocks the same action.
To add the AIDR hook to an event with existing hooks, add a new hook group to the event array. Each group has its own matcher scope, so the AIDR hook can fire regardless of existing hook scopes.
{
"hooks": {
"PreToolUse": [
{
"matcher": "Bash|Write",
"hooks": [
{
"type": "command",
"command": "my-existing-hook.sh"
}
]
},
{
"hooks": [
{
"type": "http",
"url": "https://api.crowdstrike.com/aidr/aiguard/v1/claude_code_guard",
"headers": {
"Authorization": "Bearer $CS_AIDR_TOKEN",
"AIDR-User": "$USER",
"AIDR-Username": "$USERNAME"
},
"allowedEnvVars": ["CS_AIDR_TOKEN", "USER", "USERNAME"]
}
]
}
]
}
}
Because hooks run in parallel:
- Placement order within the array doesn't affect execution.
- Each hook runs independently and doesn't see other hooks' output.
- A block decision from one hook doesn't prevent other hooks from completing.
For more information, see the Anthropic article Hooks reference .
Configuration scope
You can place the hooks configuration at different levels:
| Level | Location | Use case |
|---|---|---|
| Enterprise managed | System-level managed-settings.json | Enforce policies across all users on a machine. Non-admin users can't override managed settings. |
| User-wide | User-level settings.json | Apply policies to all sessions for a single user. |
| Project-scoped | .claude/settings.json at the project root | Apply policies within a specific project. Committed to version control. |
| Local | .claude/settings.local.json at the project root | Apply personal project-level settings. Not committed to version control. |
For enterprise deployments, use managed settings to prevent individual users from disabling the collector.
For more information, see the Anthropic article Claude Code settings .
Example of blocking a policy violation
When AIDR detects a policy violation, Claude Code blocks the action and displays a message.
For example, suppose your policy includes the Confidential and PII Data detector configured to block US Social Security Numbers. A user submits a prompt containing an SSN, and the collector intercepts it before Claude processes it. AIDR detects the SSN and returns a block decision. Claude Code displays a block message:
⏺ UserPromptSubmit operation blocked by hook:
content blocked by security policy
Original prompt: Could you use the web search tool to look up 234-56-7890
Event data in AIDR logs
You can identify Claude Code collector events in AIDR by Collector Type and Extra Info values.
collector_type- Set toclaude_codefor all Claude Code collector events.extra_info- Claude Code-specific metadata:claude_code_hook_event_name- The hook event that triggered the evaluation:UserPromptSubmit,PreToolUse, orPostToolUse.claude_code_session_id- Unique identifier for the Claude Code session. Use this to correlate multiple events from the same session.claude_code_cwd- Working directory of the Claude Code session.claude_code_tool_name- Name of the tool being invoked. Present forPreToolUseandPostToolUseevents. Empty forUserPromptSubmitevents.user_name- User identity sent by the collector from theAIDR-Usernameenvironment variable.
model_name- Set tounknown. Claude Code hooks don't expose model information.provider- Set tounknown. Claude Code hooks don't expose provider information.
{
"collector_type": "claude_code",
"collector_name": "Claude Code - Engineering",
"event_type": "tool_input",
"status": "blocked",
"user_id": "dennis.nedry",
"extra_info": {
"claude_code_hook_event_name": "PreToolUse",
"claude_code_session_id": "9656c69d-7b05-4e37-ad25-4ee63b3cbb82",
"claude_code_cwd": "/home/dennis.nedry/projects/webapp",
"claude_code_tool_name": "Bash",
"user_name": "dennis.nedry"
},
"findings": {
"confidential_and_pii_entity": {
"detected": true,
"data": {
"action": "block",
"entities": "[{\"action\":\"block\",\"type\":\"US_SSN\",\"value\":\"234-56-7890\"}]"
}
}
},
"model_name": "unknown",
"provider": "unknown",
"summary": "Confidential and PII Entity was detected and blocked.",
...
}
Troubleshooting
Claude Code displays hook errors inline in the session output.
HTTP 401: Authorization failure
An incorrect or missing CS_AIDR_TOKEN value causes a 401 response:
⎿ UserPromptSubmit hook error
⎿ HTTP 401 from https://api.crowdstrike.com/aidr/aiguard/v1/claude_code_guard
Verify that the CS_AIDR_TOKEN environment variable is set and contains the correct token from the Config tab on the collector details page.
HTTP 400: Malformed payload
⎿ PostToolUse:mcp__context7__resolve-library-id hook error
⎿ HTTP 400 from https://api.crowdstrike.com/aidr/aiguard/v1/claude_code_guard
A 400 response means AIDR couldn't parse the hook payload. Claude Code might send tool content in a format the collector doesn't support. If this error persists, contact AIDR support .
HTTP 500: Server error
⎿ PostToolUse:Write hook error
⎿ HTTP 500 from https://api.crowdstrike.com/aidr/aiguard/v1/claude_code_guard
A server-side error occurred during policy evaluation. If this error persists, contact AIDR support .
Next steps
-
View collected data on Visibility and Findings pages. Analyze it in Next-Gen SIEM to decide on further implementation steps.
-
Determine which policy to apply:
- Start with monitoring policies and report actions.
- Apply protection to identified risks by enforcing blocking and data transformation actions based on your organization’s AI usage guidelines.
-
For more information, see Collector Categories.