RQL - how to filter tags in addcolumn section
Hi,
It has been a real pain trying to work out how to deploy Prisma defender on Kubernetes AKS cluster windows nodes after following this site instructions but no joy: Kubernetes (paloaltonetworks.com)
Can anyone help please?
Thank you
Abdel
Hi Everyone,
We are trying to figure out how to connect to our Prisma Cloud Tenant via API and pull metrics into PowerBI dashboards. Has anyone been able to pull metrics automatically with PowerBI or any tool for that matter?
For Prisma cloud what are folks using for reporting? The canned reports are lacking and we need to customize reports to make them actionable by groups. Customization in the tool is restricted to occurrence and one other item.
I'm attempting to clone a default Azure policy for overly permissive NSG's. The cloned policy is essentially the same with additional RQL at the end to only alert on NSG's that do not have a certain tag value. We've verified the RQL works, we've r
...
Hi there,
is there any way to integrate Prisma cloud with LogRhythm, to send the alert to the SIEM?
@PrismaCloud
Hi Team,
We recently integrated our Prisma Cloud Solution with Service Now tool to get the auto generated ticket on service now.
we reverify the configuration and looks good.
Thereafter , we violate the policy from AWS account but alert is not gettin
...
Hello! I'm attempting to write some RQL to detect policies with the following permissions and struggling a bit.
Action: "iam:PassRole"
Effect: "Allow"
Resource: "*"
Now, in general this isn't too bad to figure out. The RQL below accomplishes this nic
...
We are looking to automate a check on a new resource to see if it passes our compliance policies. As part of this automated checking we are wondering how long we should wait after a resource is created before we run the check. Is there an estima
...
Hi There,
We have a build process that we are migrating to a rootless containerized builder, and are using buildah to build and push the images instead of docker. If I pull an image with buildah, it downloads the image but when I run twistcli on that
...
Hi,
I'm trying to help a customer filter out false-positives in the Prisma Cloud policies. For instance, we have a customised "Internet exposed instances" where they previously have white listed specific IP addresses, which is not very dynamic. Instea
...
We use podman <v2.4 to build docker using jenkins CI pipeline. We have already moved to podman 3 and the lower has some issues as well as vulnerabilities however we are yet forced to use it just because prisma cloud doesn't support it yet. Can you he
...
I'm finding what appears to be a lot of false positives for alerts within Compute Defender > Events and Runtime. What is best practice for marking these false positive to prevent additional alerts from being generated? I noticed some options for re-l
...
Trying to put together a query to identify excessive assumeRole permissions. For example it would identify if the following is in a policy.
"Action": ["sts:AssumeRole"],
"Effect": "Allow",
"Resource": "*"
I've been messing around with some queries, I h
...