Who rated this post

JLlorente · ‎09-26-2023

Hello everyone,

I have been unable to retrieve using the Prisma Cloud CSPM API the Compliance Posture Trend using the following function.

The PowerShell function is as follows, taking into account that the $URI variable is already set to the correct URL API:

function Get-PrismaCloudComplianceTrendV2{
    param (
        #String with the JWT token
        [Parameter(
        Mandatory=$true,
        HelpMessage="Introduce a valid token in String format",
        ValueFromPipeline=$true)]
        [String]
        $Token,
        
        [Parameter(
        Mandatory=$true,
        HelpMessage="Introduce a valid token in String format",
        ValueFromPipeline=$true)]
        
        [string]
        $Negocio_N

                
)


$PrismaComplianceTrendV2 = @{
    Uri = "$URI" + "compliance/posture/trend"
    Method= "POST"
    Headers= @{"x-redlock-auth"= $token;"Accept"= "application/json";"charset"="UTF-8";"content-type"="application/json"}
    Body = @{
        "fields" = @("account.group")
        # "filters" = @{
        #     "name"="account.group"
        #     "operator"="="
        #     "value"="$Negocio_N"
        # }
        "timeRange"=@{
            "type"="relative"
            "value"= @{
                "amount" ="1"
                "unit" = "month"
            
            }
            
        }
        }
    | ConvertTo-Json -Depth 3
}
 
try{
Invoke-RestMethod @PrismaComplianceTrendV2 -Verbose
}
catch {
    $_.Exception.Response
    
    
}

}

The response every time, regardless of filter, type of Time Type or TimeRange is a 500 Internal Server Error, as seen here:

Response       : StatusCode: 500, ReasonPhrase: 'Internal Server Error', Version: 1.1, Content: System.Net.Http.HttpConnectionResponseContent, Headers:
                 {
                   Date: Tue, 26 Sep 2023 15:37:32 GMT
                   Connection: keep-alive
                   Access-Control-Allow-Origin: *
                   Access-Control-Allow-Headers: x-redlock-request-id,x-redlock-auth,rl-json-rule,terraform-version,terraform-012-parameters,rl-variable-file-names,rl-parameters,Content-Type,x-b3-traceid,x-b3-spanid,sentry-trace
                   Access-Control-Allow-Methods: POST, PUT, GET, OPTIONS, DELETE, PATCH
                   Access-Control-Expose-Headers: x-redlock-auth,x-redlock-request-id,x-redlock-status, x-redlock-fileName,Content-Disposition
                   Access-Control-Max-Age: 60
                   Strict-Transport-Security: max-age=31536000; includeSubDomains
                   X-Content-Type-Options: nosniff
                   X-Frame-Options: DENY
                   X-XSS-Protection: 1; mode=block
                   Content-Security-Policy: default-src 'self'
                   x-redlock-request-id: 9ff33857315145e483c586bed4b377f7
                   Vary: Origin
                   Vary: Access-Control-Request-Method
                   Vary: Access-Control-Request-Headers
                   Vary: x-redlock-auth
                   Referrer-Policy: no-referrer
                   X-Download-Options: noopen
                   X-Permitted-Cross-Domain-Policies: none
                   Content-Length: 0
                 }
StatusCode     : 
TargetSite     : Void ThrowTerminatingError(System.Management.Automation.ErrorRecord)
Message        : Response status code does not indicate success: 500 (Internal Server Error).
Data           : {}
InnerException : 
HelpLink       : 
Source         : System.Management.Automation
HResult        : -2146233088
StackTrace     :    at System.Management.Automation.MshCommandRuntime.ThrowTerminatingError(ErrorRecord errorRecord)

Does this function in particular follow a different request body type?

Thank you for your suggestions.

Unlock your full community experience!

Who rated this post

Unable to use the Prisma Cloud CSPM API to POST the Compliance Trend