Prisma Cloud Discussions

Welcome to the Prisma Cloud Discussions!

To make this forum valuable and enjoyable for everyone, please review the following guidelines before participating: Rules and Best Practices Be Respectful: Treat fellow community members with professionalism and courtesy. Constructive discussions are encouraged; disrespectful or inflammatory comments are not. Stay On-Topic: This board is d...

CSPM API changed?

It seems to be (from the content in the response) that the API of Prisma Cloud CSPM has changed. When I call 'https://api.prismacloud.io/v2/alert?timeType=relative&timeAmount=1&timeUnit=day&detailed=true' the response (according to the documentation on https://api.docs.prismacloud.io/reference#get-alerts-v2) should contain policy.com...

Requirement Id is blank when creating Compliance Requirement using POST API

While creating compliance requirement via API even though by passing Requirement Id field value but in backend Requirement Id is blank.

GitLab SCM self hosted supported?

We have a self-hosted GitLab SCM and want to scan the IaC templates with Prisma Cloud.However, when we want to generate the webhook token following the instructions, it seems to default to gitlab.com. and also there seems to be no way of changing this.Can we use our self-hosted GitLab or is only the GitLab.com supported?

Json Error when sending POST request to https://api.prismacloud.io/search/config

Hello, I am getting the below error when sending the POST request to "https://api.prismacloud.io/search/config",Error: { "errorMessage": "Expecting value: line 1 column 1 (char 0)", "errorType": "JSONDecodeError", "stackTrace": [ " File \"/var/task/lambda_function.py\", line 49, in lambda_handler\n queryRQL(REQ_HEADER,url,requestbodyAWS)\n", " ...

RQL to unassociated/unused security group in AWS/Azure

Do you guys have any experience of using custom policies to find unused/unattached security group in any cloud environment? Would like to see and take reference. Thanks

Where do I investigate Radars/Hosts => Network/Outbound destinations?

On the Network tab for my hosts in the Radars/Hosts view, Cuba is being flagged as an outbound destination.I'm curious how to drill down into why that's the case to determine whether this is erroneous or not.This is on a self-hosted deployment version 20.09.345.

RQL query for tag-based exception

Hi,I'm trying to help a customer filter out false-positives in the Prisma Cloud policies. For instance, we have a customised "Internet exposed instances" where they previously have white listed specific IP addresses, which is not very dynamic. Instead, we've created tags on all Azure resources in the format of "allowInternetInbound:yes" and I'm ...

twistcli with buildah?

Hi There,We have a build process that we are migrating to a rootless containerized builder, and are using buildah to build and push the images instead of docker. If I pull an image with buildah, it downloads the image but when I run twistcli on that image It throws: failed to find image Is anyone else using twistcli with buildah? is there some ...

Not Able to triggered alert on Prisma cloud after integration with Service now

Hi Team, We recently integrated our Prisma Cloud Solution with Service Now tool to get the auto generated ticket on service now. we reverify the configuration and looks good. Thereafter , we violate the policy from AWS account but alert is not getting triggered on our Prisma cloud. Could you please suggest and help me out.

Trying to find a way to generate TW_POLICY key value pair for deploying serverless single defender using Prisma Cloud SAAS APIs

Hi Everyone, My team is trying to find a way to generate TW_POLICY key value pair for deploying serverless single defender using Prisma Cloud SAAS APIs and any help in this regard will be much appreciated.Also, we observed that the value of the TW_POLICY variable doesn't change so we wanted to confirm that it will always be the case or not.Regar...

Panorama PANOS up-gradation

Hi,My Panorama PANOS version is 9.1.6 and Prisma cloud configured on it. and we will upgrade the PANOS to 10.0.6for Prisma Access, the plugin has been already updated to cloud_services-2.0.0-preferredKindly confirm if the Data Plane version can be upgraded to latest version along with Panorama software version. current data-plain version:PANOS 9...

Container image scanning for Images built in JIB library or Ko

Our current CI build uses Jib and Ko libraries to build container images. Would like to explore if Twistcli can scan those images which are not built using Docker or Podman?

Container scanning image through GitHub Action 401 Unauthorized error.

I'm trying to inject this https://github.com/PaloAltoNetworks/prisma-cloud-scan Prisma Cloud Scan Action in my GitHub Action. Failed with 401 Unauthorized Error. Also, tried with twislockcli and getting same error. Prisma Cloud admin reset the password too. Also, tried using the Access Key but both failed with same error. I can see issues with u...

How to get Device SN, Auth Code, or Parent Order Number for Support for Prisma Compute user

I need to add more users to our support portal. They support Prisma Cloud, Compute Edition. I have sent them to the support portal, and when they go to register, they need the Customer Id, which I have, and either the Device Serial Number, the Auth Code, or Parent Order Number. I can find none of those in either our support portal, Prisma Clou...

RQL Query - Trying to Link Security Groups that are not linked to a particular Transit Gateway ID. but getting Bad Request Error

Trying to Join 2 API: aws-ec2-describe-security-groups & aws-vpc-transit-gateway-attachment 1. List of Security Groups that allow everything: config from cloud.resource where cloud.type = 'aws' AND api.name= 'aws-ec2-describe-security-groups' AND json.rule = isShared is false and (ipPermissions[?any((ipProtocol equals tcp or ipProtocol equal...

Discussions