RQL - How to add JSON field conditionally

I'm trying to addcolumn with a field from a JSON configuration, but only  if certain condition of another field is satisfied.

Something like this:

prisma cloud RQL doubt

can I show both API RQL results? 
config from cloud.resource where api.name ='aws-cloudtrail-describe-trails' as X; config from cloud.resource where api.name = "aws-cloudtrail-get-event-selectors" as Y; show X and Y;

Question about RQL 'userIDGroupPairs[*]' from security group

Hello. I am asking if you can give some help about creating a RQL for a custom policy.

I was trying to create a RQL about AWS security groups that tries to find if the description in userIdGroupPairs[*] for each inbound or outbound rules('ipPermiss

Create IAM Policies in bundle using python

Hello,

I'm trying to create a bunch of IAM policies using Prisma's API,

I can create config policies with no issues however when I try to create IAM policies, following Palo Alto's API documentation, I always get 400 error,

So probably my paylo

Anyone use GuardDuty as well as Twistlock?

I understand that Twistlock does run-time monitoring and protection.

In Fargate configuration, it will block any malicious process spawned from the container but will not block the container itself.

I’m curious if anyone enable AWS GuardDuty togeth

Prisma Cloud Application Vulnerability Search : Deployed tab vs CI tab

Not sure if this has been asked before but I am fairly new to checking Prisma vulnerabilities -- I want to resolve High/Critical ones on our APIs but I get confused when checking CI tab and Deployed tab from Compute>Monitor>Vulnerabilities section. C

CIEM JIT Features

Hi All,

Can I check where can I find out more details on the CIEM JIT functionality?

https://www.paloaltonetworks.com/prisma/cloud/cloud-infrastructure-entitlement-mgmt

"Just-in-Time (JIT) Access

Provides a Zero Trust approach to permission managemen

Feature Request: Recommendation for Remediation (OPTIONAL) Box on Custom Policies in Prisma Application Security

When creating a Build Policy on the Prisma console, the Remediation (OPTIONAL) Box is grayed out. I'm told that this is expected, but initially when doing my POC for Prisma back in April, I don't believe this was always the case. If it is, the word "

Prisma Cloud alerts

Hello everyone!

I connected my AWS account to Prisma Cloud service and it automatically scanned it. Now I think that I could have new vulnerabilities on my account but new s3 buckets or EC2 instances don't appers automatically on my Prisma Cloud acco

How can I get the requested license for Prisma Cloud Console?

Hello, I installed Prisma Cloud Console on my environment.

How can I get this license and upload it here?

I checked the page below, but I couldn't find the license to download it and upload it in Prisma Cloud Console...

Thanks in advance.

Removing Prisma Cloud resources from onboarded AWS account

We onboarded an AWS account into a Prisma Cloud demo.  The demo is over.  How do we make sure that we remove all the resources created during the demo?  There's obviously the PrismaCloudRole that was created by the PrismaCloudIAMRoles CloudFormation

The environment variable FARGATE_TASK in the prisma cloud defender sidecar container definition

I have an ECS Scheduled task with two containers. I used the console to generate a new task definition with the defender sidecar. In its container definition, the environment variable `FARGATE_TASK`'s value is the same as the name of my first applica

RQL - Checking tags using _DateTime function

Can _DateTime function be used to check the date of a tag on a resource in AWS? My current query syntax is accepted by prisma however the _DateTime functions are not actually checking the tag (type string because all tags are strings in AWS) so it is