06-22-2020 09:01 AM - last edited on 09-02-2020 10:50 AM by CHopson
Is there a mechanism to automate checks/provide notification of the status of a cloud account in Prisma Cloud?
(i.e. If we are relying on Prisma Cloud to provide detection capabilities how can we monitor that the service itself is functioning and has the access it requires to perform those functions i.e. ingestion from AWS CloudTrail, Config, GuardDuty, VPC Flow Logs, etc.)
07-06-2020 07:15 AM
While we do not have this feature currently available, I believe it has been submitted to our product management team for future implementation. You can submit a feature request directly from the Prisma Cloud UI for this by clicking on the question mark in the bottom right hand corner -> Product -> Submit a request.
07-14-2020 05:52 PM
You may vote and subscribe to this feature request to be notified of updates : https://prismacloud.ideas.aha.io/ideas/PANW-I-79
09-20-2022 03:26 PM
Thank you for your question. I know it has been sometime since you have asked this, but I wanted to make sure I can answer this for you.
Prisma now is able to Alert you when a status of a cloud account in Prisma Cloud is not configured or if permissions are missing.
Once notified, you can navigate to the bell displayed on the bottom left corner which should display 'ALARM' when you hover over it with your mouse. Click on the bell (Alarm) and then the cloud accounts with permission/ingestion issues will display with the error or permission that are necessary to remediate the error.
Hope this helps!
10-03-2022 07:58 AM - edited 10-03-2022 07:58 AM
To automate the account status, please use the published Prisma cloud API calls:
Step 1: Use the below API
curl --location --request GET 'https://api2.prismacloud.io/cloud' \ --header 'accept: application/json; charset=UTF-8' \ --header 'content-type: application/json' \ --header 'x-redlock-auth: YOUR_JWT_TOKEN'
and save the results in the JSON file account.json
Step 2: Use any utility to parse the JSON and get your results; I am using jq here
jq -r '. | .name,.status' account.json
Step 3: Filter for failed status and send notifications to your downstream channel.
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!
The LIVEcommunity thanks you for your participation!