Prisma-Azure RQL query to fetch public IPs
I am able to see public IPs attached to azure Network interfaces but I am not able to fetch public IPs in a column.
I am able to see public IPs attached to azure Network interfaces but I am not able to fetch public IPs in a column.
I have configured Prisma CloudCompute Console/Manage/Alerts/Manage/Alert providers/AWSSecurityHub.
When I <Send Test Alert>, the console reports success and the status of that integration is green, "Connected".
I have also configured Registry scans
...
Hi,
Can anyone direct me to a document or script that can be used to automate account onboarding whenever a new AWS account is created in the organisation. I have this on github but the seems to be the entire process of onboarding Prisma cloud;
https:/
We need to be able to inventory, search, and create policies related to OIDC type IDPs within AWS. AWS supports via CLI with the use of: list-open-id-connect-providers
https://docs.aws.amazon.com/cli/latest/reference/iam/list-open-id-connect-providers
Is there a way to write RQL to check the traffic towards that resource/to know the operations/activity details with respect to particular resource host name?In the circumstances where we are not aware of the cloud type??and if can't atleast with clou
...
I have a doubt about the Prisma Cloud data security module. The integration only supports monitor mode, but when a file with malware is found in a bucket, and the wildfire gives the malware verdict, is the file blocked or only notified that the file
...
Hello team.
I can look for an event to see failed login attempts with;
event where operation = 'ConsoleLogin' and json.rule = $.responseElements.ConsoleLogin != 'Success'
Is there a way to count these (like we see in config with 'as X; count(X) greater
...
Policy Name : AWS RDS instance with Multi-Availability Zone disabled.
Policy Mode : Prisma Cloud Default
RQL : config where cloud.type = 'aws' AND api.name = 'aws-rds-describe-db-instances' AND json.rule = '(engine does not contain aurora and engine do
...
Is it possible with Prisma Cloud to check that passwords (e.g. Linux root, Windows local administrator) are unique on each server hosted in AWS, Azure, etc.?
Hi Friends,
I wanted to look out the traffic where FTP/SSH port enabled from an internet/suspicious IP's to internal network.With the below query i am able to see the connection details.
network where dest.port IN ( 21,22 ) AND source.publicnetwork I
...
Regarding https://docs.paloaltonetworks.com/prisma/prisma-cloud/22-01/prisma-cloud-compute-edition-admin/configure/collections
I want to specify a collection of images that have been labeled in the Dockerfile with "LABEL Environment=Development".
How
...
- Api call add alert rule:
I want to create alert rules via API for the CSPM. Are there any examples for this? It's not clear to me how to populate:
alertRuleNotificationConfig
https://prisma.pan.dev/api/cloud/cspm/alert-rules#operation/add-aler
...
Hi team,
Does any one know if you can create custom rule policy by app?, I tried by process name and parent process but I still see alerts despite I created and add ignored action. so I want to know if I could apply this ignored action to every pro
...
Hello to all on the youtube channel for the live community there is a free training. You can also request a trial license for 30 days for the Prisma Cloud and schedule a workshop if want to play with the technology a little more:
https://www.youtub
...
I'm attempting to clone a default Azure policy for overly permissive NSG's. The cloned policy is essentially the same with additional RQL at the end to only alert on NSG's that do not have a certain tag value. We've verified the RQL works, we've r
...