Automatically check Prisma Cloud account status?

cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 

Automatically check Prisma Cloud account status?

L0 Member

Is there a mechanism to automate checks/provide notification of the status of a cloud account in Prisma Cloud?

 

(i.e. If we are relying on Prisma Cloud to provide detection capabilities how can we monitor that the service itself is functioning and has the access it requires to perform those functions i.e. ingestion from AWS CloudTrail, Config, GuardDuty, VPC Flow Logs, etc.)

 

Thanks

4 REPLIES 4

L1 Bithead

Hello,

While we do not have this feature currently available, I believe it has been submitted to our product management team for future implementation. You can submit a feature request directly from the Prisma Cloud UI for this by clicking on the question mark in the bottom right hand corner -> Product -> Submit a request.

L0 Member

You may vote and subscribe to this feature request to be notified of updates : https://prismacloud.ideas.aha.io/ideas/PANW-I-79

L2 Linker

Hello,

 

Thank you for your question. I know it has been sometime since you have asked this, but I wanted to make sure I can answer this for you.

 

Prisma now is able to Alert you when a status of a cloud account in Prisma Cloud is not configured or if permissions are missing.

Once notified, you can navigate to the bell displayed on the bottom left corner which should display 'ALARM' when you hover over it with your mouse. Click on the bell (Alarm) and then the cloud accounts with permission/ingestion issues will display with the error or permission that are necessary to remediate the error.

 

Hope this helps!

L2 Linker

Hello @dbrightman 
To automate the account status, please use the published Prisma cloud API calls:
Step 1: Use the below API

 

curl --location --request GET 'https://api2.prismacloud.io/cloud' \
--header 'accept: application/json; charset=UTF-8' \
--header 'content-type: application/json' \
--header 'x-redlock-auth: YOUR_JWT_TOKEN'

 

and save the results in the JSON file account.json

Step 2: Use any utility to parse the JSON and get your results; I am using jq here

 

jq -r '.[] | .name,.status' account.json

 

 

Step 3: Filter for failed status and send notifications to your downstream channel.

Cloud Security Architect @Prisma Cloud Customer Success
  • 5696 Views
  • 4 replies
  • 0 Likes
Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!

The LIVEcommunity thanks you for your participation!