Help with RQL 'group by'

Hi,

I want to do a search that groups every assset name of a result from an api by account and return the project where in can't find an specific string.

Wanted to know if 'group by' could be used for that?

Wasn't able to find examples of how to us

Data Ingestion Error

Hello Team Hope you are doing well.

Prisma cloud palo Alto:

I just have one query as I am getting"Unable to ingest data from one or more service,click for more details" error what could be the possibility reason.

I didn't change anything to my any ac

Error: Unable to ingest data from one or more accounts

Cloud account cannot be monitored due to missing permissions. Hit the Review button to see the current status and update settings. Error: Unable to ingest data from one or more services.

Manual Azure Onboarding Fail

HI,
after carrying out all the steps reported in the official guide, Azure onboarding fails.
Part of the error is as follows:
Prisma Cloud application is not assigned following action(s): ["Microsoft.Logic/integrationAccounts/read", "Microsoft.Insights/

RQL Query to search for suspicious activity on specific S3 Bucket

We have a specific S3 bucket that we'd like to watch for events and alert on them.  I've used this query:

event from cloud.audit_logs where operation IN ( 'AddUserToGroup', 'AttachGroupPolicy', 'AttachGroupPolicy', 'AttachUserPolicy' , 'AttachRoleP

User-ID using Cloud identity engine with Azure AD

Hello All,

We are in the process of configuring the Cloud Identity Engine with the directory sync features with Azure-AD to pool the users and the groups in order to applying role/group-based access control. Despite successfully completing several

How to implement different rule in Azure DevOps CI and CD stage?

RQL query for resources outside the authorized regions

Hello Prisma Cloud users,

I'm sharing with you some research I did this morning that you may find interesting. We want to detect and prevent when a resource is created in an unauthorized region.

Prisma Cloud Health Check via Cli

Dear Team, 

We currently configured Prisma Container Scan task as a Stage in one of our Pipeline. We are using Twist-cli and Jenkins to perform the image scanning in the stage. We wanted to skip this stage if Prisma is not accessible or available or f

Database Acitivity Monitoring for Cloud

how do you deal with issues related to Database Activity Monitoring (DAM) and File Integrity Monitoring (FIM) in the cloud? Does Prisma Cloud have something related to this?

Remove deleted containers from results

Hello I have two very simple questions! 

When I push image to registry and run the scanner the results in the UI exists but when I delete the image from registry and scan it again the result for removed container still exists. Is it possible to remov

Prisma Cloud Compute Edition console installation on Fargate

Hello,

I'm trying to run Prisma Cloud Compute Edition on AWS Fargate. I'm following the next guide https://docs.paloaltonetworks.com/prisma/prisma-cloud/30/prisma-cloud-compute-edition-admin/install/deploy-console/console-on-fargate everything was

Exception for IAM policy

Hi,

We have a dev/PoC project that is testing some flows that create and delete VMs, so every week for a couple of hours we had some alerts for an IAM Policy "VM instance with data destruction permissions" when it is a permanente VM we ask to follo

prisma cloud defender logs questions