This website uses cookies essential to its operation, for analytics, and for personalized content. By continuing to browse this site, you acknowledge the use of cookies.
For details on cookie usage on our site, read our Privacy Policy
For details on cookie usage on our site, read our Privacy Policy
如何通过警报规则高级设置排除云账户
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Options
- Subscribe to RSS Feed
- Mark as New
- Mark as Read
- Bookmark
- Subscribe
- Printer Friendly Page
- Report This Content
Wei_Zhang
L2 Linker
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report This Content
on 01-19-2023 06:12 PM
No ratings
目标
问题 - 用户正试图通过RQL排除调查页面上的一个云账户。当他试图在查询中添加 cloud.account != "XXX "时,他无法排除来自云账户的结果。
环境
Prisma Cloud
流程
配置扫描器会忽略cloud.account, cloud.accountgroup, cloud.region以及任何其他限制账户或区域的条件。这是因为那些应该由警报规则(Alert Rule)来配置。因此,要使自定义策略不产生云帐户,必须在警报规则中排除它。
要在警报规则中排除云账户,请通过 "高级设置"。这将为该警报规则的云资源触发警报添加更多的粒度:排除云账户 - 如果在选定的账户组中有一些云账户您不想触发警报,请从列表中选择这些账户。
其他信息
Rate this article:
LEGAL NOTICES
Copyright 2007 - 2023 - Palo Alto Networks