Hello everyone,
I have been unable to retrieve using the Prisma Cloud CSPM API the Compliance Posture Trend using the following function.
The PowerShell function is as follows, taking into account that the $URI variable is already set to the correct URL API:
function Get-PrismaCloudComplianceTrendV2{
param (
#String with the JWT token
[Parameter(
Mandatory=$true,
HelpMessage="Introduce a valid token in String format",
ValueFromPipeline=$true)]
[String]
$Token,
[Parameter(
Mandatory=$true,
HelpMessage="Introduce a valid token in String format",
ValueFromPipeline=$true)]
[string]
$Negocio_N
)
$PrismaComplianceTrendV2 = @{
Uri = "$URI" + "compliance/posture/trend"
Method= "POST"
Headers= @{"x-redlock-auth"= $token;"Accept"= "application/json";"charset"="UTF-8";"content-type"="application/json"}
Body = @{
"fields" = @("account.group")
# "filters" = @{
# "name"="account.group"
# "operator"="="
# "value"="$Negocio_N"
# }
"timeRange"=@{
"type"="relative"
"value"= @{
"amount" ="1"
"unit" = "month"
}
}
}
| ConvertTo-Json -Depth 3
}
try{
Invoke-RestMethod @PrismaComplianceTrendV2 -Verbose
}
catch {
$_.Exception.Response
}
}
The response every time, regardless of filter, type of Time Type or TimeRange is a 500 Internal Server Error, as seen here:
Response : StatusCode: 500, ReasonPhrase: 'Internal Server Error', Version: 1.1, Content: System.Net.Http.HttpConnectionResponseContent, Headers:
{
Date: Tue, 26 Sep 2023 15:37:32 GMT
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: x-redlock-request-id,x-redlock-auth,rl-json-rule,terraform-version,terraform-012-parameters,rl-variable-file-names,rl-parameters,Content-Type,x-b3-traceid,x-b3-spanid,sentry-trace
Access-Control-Allow-Methods: POST, PUT, GET, OPTIONS, DELETE, PATCH
Access-Control-Expose-Headers: x-redlock-auth,x-redlock-request-id,x-redlock-status, x-redlock-fileName,Content-Disposition
Access-Control-Max-Age: 60
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Frame-Options: DENY
X-XSS-Protection: 1; mode=block
Content-Security-Policy: default-src 'self'
x-redlock-request-id: 9ff33857315145e483c586bed4b377f7
Vary: Origin
Vary: Access-Control-Request-Method
Vary: Access-Control-Request-Headers
Vary: x-redlock-auth
Referrer-Policy: no-referrer
X-Download-Options: noopen
X-Permitted-Cross-Domain-Policies: none
Content-Length: 0
}
StatusCode :
TargetSite : Void ThrowTerminatingError(System.Management.Automation.ErrorRecord)
Message : Response status code does not indicate success: 500 (Internal Server Error).
Data : {}
InnerException :
HelpLink :
Source : System.Management.Automation
HResult : -2146233088
StackTrace : at System.Management.Automation.MshCommandRuntime.ThrowTerminatingError(ErrorRecord errorRecord)
Does this function in particular follow a different request body type?
Thank you for your suggestions.