Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for
- Live
- ›
- About DXiao
About DXiao
Announcements
Attention: The LIVEcommunity is experiencing an interruption with videos in some areas. We apologize for any inconvenience this may cause. Thank you for your patience as we work towards a solution to restore videos.
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for
05-27-2019
1Post
0Likes
0Solutions
May 27, 2019Last Visited
User
Activity
User
Profile
Latest posts by DXiao
| Subject | Views | Posted |
|---|---|---|
| 1514 | 04-16-2019 06:51 PM |
User Badges
Public Statistics
| Date Registered | 04-15-2019 06:19 AM |
| Date Last Visited | 05-27-2019 03:05 PM |
| Total Messages Posted | 1 |
04-16-2019
06:51 PM
Hi,
Some policies are producing alerts against SGs that are not associated with any resources.
Can you please advise how to customize the query and exclude those SGs?
For example, policy "AWS Security Groups allow internet traffic from internet to MYSQL port (3306)" is defined as follows:
config where cloud.type = 'aws' AND api.name='aws-ec2-describe-security-groups' AND json.rule = (((ipPermissions[?(@.toPort > 3306 && @.fromPort < 3306)].ipRanges[*] contains 0.0.0.0/0) or (ipPermissions[?(@.toPort == 3306 || @.fromPort == 3306)].ipRanges[*] contains 0.0.0.0/0)) or ((ipPermissions[?(@.toPort > 3306 && @.fromPort < 3306)].ipv6Ranges[*].cidrIpv6 contains ::/0) or (ipPermissions[?(@.toPort == 3306 || @.fromPort == 3306)].ipv6Ranges[*].cidrIpv6 contains ::/0)))
Thank you
... View more
Contact Me
| Online Status |
Offline
|
| Date Last Visited |
05-27-2019
03:05 PM
|
Latest Tags
No tags yet
Latest Blogs
Latest Posts
Copyright 2007 - 2020 - Palo Alto Networks
