Unable to use the Prisma Cloud CSPM API to POST the Compliance Trend

JLlorente — Tue, 26 Sep 2023 15:39:10 GMT

Hello everyone,

I have been unable to retrieve using the Prisma Cloud CSPM API the Compliance Posture Trend using the following function.

The PowerShell function is as follows, taking into account that the $URI variable is already set to the correct URL API:

function Get-PrismaCloudComplianceTrendV2{ param ( #String with the JWT token [Parameter( Mandatory=$true, HelpMessage="Introduce a valid token in String format", ValueFromPipeline=$true)] [String] $Token, [Parameter( Mandatory=$true, HelpMessage="Introduce a valid token in String format", ValueFromPipeline=$true)] [string] $Negocio_N ) $PrismaComplianceTrendV2 = @{ Uri = "$URI" + "compliance/posture/trend" Method= "POST" Headers= @{"x-redlock-auth"= $token;"Accept"= "application/json";"charset"="UTF-8";"content-type"="application/json"} Body = @{ "fields" = @("account.group") # "filters" = @{ # "name"="account.group" # "operator"="=" # "value"="$Negocio_N" # } "timeRange"=@{ "type"="relative" "value"= @{ "amount" ="1" "unit" = "month" } } } | ConvertTo-Json -Depth 3 } try{ Invoke-RestMethod @PrismaComplianceTrendV2 -Verbose } catch { $_.Exception.Response } }

The response every time, regardless of filter, type of Time Type or TimeRange is a 500 Internal Server Error, as seen here:

Response : StatusCode: 500, ReasonPhrase: 'Internal Server Error', Version: 1.1, Content: System.Net.Http.HttpConnectionResponseContent, Headers: { Date: Tue, 26 Sep 2023 15:37:32 GMT Connection: keep-alive Access-Control-Allow-Origin: * Access-Control-Allow-Headers: x-redlock-request-id,x-redlock-auth,rl-json-rule,terraform-version,terraform-012-parameters,rl-variable-file-names,rl-parameters,Content-Type,x-b3-traceid,x-b3-spanid,sentry-trace Access-Control-Allow-Methods: POST, PUT, GET, OPTIONS, DELETE, PATCH Access-Control-Expose-Headers: x-redlock-auth,x-redlock-request-id,x-redlock-status, x-redlock-fileName,Content-Disposition Access-Control-Max-Age: 60 Strict-Transport-Security: max-age=31536000; includeSubDomains X-Content-Type-Options: nosniff X-Frame-Options: DENY X-XSS-Protection: 1; mode=block Content-Security-Policy: default-src 'self' x-redlock-request-id: 9ff33857315145e483c586bed4b377f7 Vary: Origin Vary: Access-Control-Request-Method Vary: Access-Control-Request-Headers Vary: x-redlock-auth Referrer-Policy: no-referrer X-Download-Options: noopen X-Permitted-Cross-Domain-Policies: none Content-Length: 0 } StatusCode : TargetSite : Void ThrowTerminatingError(System.Management.Automation.ErrorRecord) Message : Response status code does not indicate success: 500 (Internal Server Error). Data : {} InnerException : HelpLink : Source : System.Management.Automation HResult : -2146233088 StackTrace : at System.Management.Automation.MshCommandRuntime.ThrowTerminatingError(ErrorRecord errorRecord)

Does this function in particular follow a different request body type?

Thank you for your suggestions.

Re: Unable to use the Prisma Cloud CSPM API to POST the Compliance Trend

bpachauli — Wed, 27 Sep 2023 14:25:05 GMT

Hello, can you try this with GET method as below in your powershell script.

curl --location 'https://api2.prismacloud.io/compliance/posture/trend?timeType=relative&timeAmount=1&timeUnit=month' \ --header 'accept: application/json; charset=UTF-8' \ --header 'content-type: application/json' \ --header 'x-redlock-auth: JWT_TOKEN'

Re: Unable to use the Prisma Cloud CSPM API to POST the Compliance Trend

JLlorente — Wed, 27 Sep 2023 16:10:57 GMT

Hello Bpauchauli,

Yes, I have already implemented the GET method on a PS function. However, the GET method cannot filter through account group.

Do you have an example with the POST method?

Best regards

Re: Unable to use the Prisma Cloud CSPM API to POST the Compliance Trend

bpachauli — Wed, 27 Sep 2023 16:26:05 GMT

Hello, the GET method should filter through the account group (see the API call below), however, if you are not able to get the results, let me know, and I will help you with the POST call.

curl --location 'https://api2.prismacloud.io/compliance/posture/trend?timeType=relative&timeAmount=1&timeUnit=month&account.group=account-group' \ --header 'accept: application/json; charset=UTF-8' \ --header 'content-type: application/json' \ --header 'x-redlock-auth: JWT_TOKEN'

topic Re: Unable to use the Prisma Cloud CSPM API to POST the Compliance Trend in Prisma Cloud Discussions

Unable to use the Prisma Cloud CSPM API to POST the Compliance Trend

Re: Unable to use the Prisma Cloud CSPM API to POST the Compliance Trend

Re: Unable to use the Prisma Cloud CSPM API to POST the Compliance Trend

Re: Unable to use the Prisma Cloud CSPM API to POST the Compliance Trend