Anyone have experience using the Prisma Cloud API with dismissing alert, i've been testing the but always getting 404 or 400 response, check parameters below
url = "https://api.prismacloud.io/alert/dismiss"
Does anyone know how to write a query to look for S3 bucket activity i.e someone logging in to S3 buckets and performing some task as creating objects etc.
I am inserting a user into "Prisma Cloud" through API (https://api.prismacloud.io/user) with the request body as,
var userDetails = {
"email": email,
"firstName": firstName,
"lastName": lastName,
"timeZone": "America/Los_Angeles",
"roleId": <role id of sys
Hello all.
New to RQL. I have the below RQL that identifies DEFAULT VPC's;
config where cloud.account IN ( 'AWS_EBU_Networked_Prod_DR_DA_01' ) and api.name = 'aws-ec2-describe-vpcs' AND json.rule = isDefault is true
I have the below RQL that shows al
...
Hi, I'm using the Prisma Cloud (previously Redlock). Is there a way I can change the frequency of the scans to check for misconfiguration. Also where can I check the current frequency. Does the scan run every hr or every 24 hr. Is it the same for AWS
...
I have Access Key and Secret Key, with the help of these we are getting Token and we are trying to use this Token to access list of cloud account (https://api.prismacloud.io/cloud) from the API Docs (api.docs.prismacloud.io/v4.2.1/reference) and from
...
Hi team.
Can someone share the URI for Prisma Cloud API REST documentation please.
(Can't find it anywhere)
I am trying to write a custom query to get the unauthorized access details or Access denied details captured and after a certain number of attempts is there it will alert.
I am referring to the mentioned article : ( Example: Authorization Failures )
I
...
Hi everyone.
We see occurances where we have RDS Snapshots showing in AWS console.
I see from Cloudwatch/trail that primsa is connecting and issueing the call to DescribeDBSnapshots.
If I then run a very general investigate query of config where cloud.
...
Hi,
I want to write a query to list EC2 instances with unapproved AMIs. In order to write the query i need to store approved AMIs list some where in Prisma.
Q1. Where and How to store List of AMIs ?
Q2. How to use that list in query.
Thanks
Sa
Prisma Cloud produces false positives when a corporate-owned IP space is considered part of the Internet IP range. Many companies own part of the public IP space. They connect using SSH or RDP from those spaces using VPNs or other secure means. They
...
I’m looking at some rules that detect traffic on ports and it seems to flag a lot of traffic to AWS resource like the NAT gateway that we do not control.
Is it possible to exclude these based on the resource type?
For example:
Remove Network - Intern
...
Hi,
I'm trying to run a config search using the API. I can successfully get the JWT token and can use the token to do basic get options.
However, when trying the configuration search I get a 401 unauthorized error if I format the data as json( using he
...
I am using below aws-cli command to remove/disable cloudfront distribution originprotocolssl:SSLv3
Perhaps I missed the memo, but I did not see in the RQL documentation anywhere that the similiarly named ingest APIs as the AWS API are the same. So I was searching for for JSON structures that are not available, since the output is entirely differen
...
