RQL Filter Query Syntax Error

I am testing few sample query with JOIN however running into multiple syntax errors.

I am trying match Azure  NSG  list  and  would like to know, if  Azure VNET contain subnet with that specific NSG. 

 NSG -ID to match with VNET-Subnet array contains

Identify Image Vulnerability Repeat Findings from two Vulnerability Reports

Am trying to identify how, in PCCE, to identify repeated findings from one image vulnerability report to the previous report?

Microsegmentation EoS label

Dear,

I did not find the technical documentation for Prisma Cloud microsegmentation using my bookmark: https://docs.paloaltonetworks.com/content/dam/techdocs/en US/pdf/prisma/prisma-cloud/prisma-cloud-admin-microsegmentation/prismacloud-admin-microse

Can we use Prisma cloud WAAS to protect AWS ALB

Hi All,

Can we use Prisma cloud WAAS to protect AWS ALB? As I've checked it can protect host or container ..but need to know if it act as WAF same like AWS which check ALB traffic and we can apply rule on ALB.

Prisma Cloud Policy - Check if Logging is enabled for HTTP(S) Load Balancer in GCP

Based on CIS Benchmark, there is an gcloud cli command to check if the Enable logging is enabled.

From Google Cloud CLI

1. Run the following command

gcloud compute backend-services describe <servicename>

Global external Application Load Balancer loggi

How to Disable TLS 1 and 1.1 in Prisma Cloud ?

Hi All

During our Vulnerability Assessment, the vendor found that our VPN URL has TLS 1, 1.1 and 1.2 Enabled. and recommended to disable up to 1.2 and use 1.3 only.

I cant find that settings in Cloud Strata Manager. Any idea where is that settings in

Does intelligence stream for offline environments include stream for Windows container vulnerabilities?

If I use twistcli to download an intelligence stream for offline environments, does the downloaded package include vulnerability data for Windows containers?  Are there additional parameters to specify including windows container vulnerabilities?

/

How do we deploy defender on windows kubernetes

Hi,

It has been a real pain trying to work out how to deploy Prisma defender on Kubernetes AKS cluster windows nodes after following this site instructions but no joy: Kubernetes (paloaltonetworks.com) 

Can anyone help please?

Thank you

Abdel

RQL to check ALL the virtual machines and service accounts in differents clouds. Prisma Cloud

Hello Community. 

I need your help. I need a RQL in prisma cloud to check ALL my virtual machines and service accounts. The RQL should be work to GCP, AWS, Azure and OCI cloud. 
It's possible? I wanna check in a new custom policy all my VMs and service

we are not able to fetch the details on MS sentinel with access key. Can we add access key to the permission groups.

Hi Team,

I recently created access key in order to make data connector connection with MS Sentinel. I could configure connection but not able to see data there. May I know if we can add access key to the permission group in order to get access to the

X-Forwarded-For

Hello dear, has anyone seen something similar to this: In Primsma-cloud enterprise edition when I create the rule in Defend --> Waas for an environment with kubernetes and using ingress-nginx-controller. In Monitor -->Rules-->Events, in the "IP" fiel

Prisma Cloud Health Check via Cli

Dear Team, 

We currently configured Prisma Container Scan task as a Stage in one of our Pipeline. We are using Twist-cli and Jenkins to perform the image scanning in the stage. We wanted to skip this stage if Prisma is not accessible or available or f

Can't find api.name needed for RQL Query formation

I can't seem to find any api.name neither under the cloud.service: "Azure Security Center" or "Azure Defender for Cloud" relating to Defender Security Policies. I am trying to draft up an RQL to test Azure Security Center Policy Settings but unable t

Policies on AWS RDS Service

Is there a way to get a list of all Policies configured on AWS RDS Service? Our DB teams are asking for the list of Policies that they should consider while securely configuring DBs.

[RQL] How to construct a query to investigate on all AWS Security Groups that has outbound to 0.0.0.0

Reference: https://docs.aws.amazon.com/cli/latest/reference/ec2/describe-security-groups.html

RQL that is not working: config from cloud.resource where cloud.type = 'aws' AND api.name = 'describe-security-groups' AND json.rule = "IpPermissionsEgres