Skip to main content

Prisma Cloud Compute - Audit Alert v2

This Playbook is part of the Prisma Cloud Compute by Palo Alto Networks Pack.#

Deprecated

Use "Prisma Cloud Compute - Audit Alert v3" instead.

Default playbook for parsing and enrichment of Prisma Cloud Compute audit alerts.

Dependencies#

This playbook uses the following sub-playbooks, integrations, and scripts.

Sub-playbooks#

This playbook does not use any sub-playbooks.

Integrations#

  • PaloAltoNetworks_PrismaCloudCompute

Scripts#

  • PrismaCloudComputeParseAuditAlert
  • ToTable

Commands#

  • prisma-cloud-compute-logs-defender
  • prisma-cloud-compute-images-scan-list
  • prisma-cloud-compute-get-waas-policies
  • prisma-cloud-compute-profile-container-list
  • setIncident
  • prisma-cloud-compute-profile-container-forensic-list
  • findIndicators
  • createNewIndicator
  • prisma-cloud-compute-logs-defender-download
  • prisma-cloud-compute-host-forensic-list
  • prisma-cloud-compute-get-backups
  • prisma-cloud-compute-profile-host-list
  • prisma-cloud-compute-get-audit-firewall-container-alerts
  • prisma-cloud-compute-defenders-list
  • closeInvestigation
  • prisma-cloud-compute-get-alert-profiles

Playbook Inputs#


NameDescriptionDefault ValueRequired
baseUrlThe base URL of the Prisma Cloud Compute Instance used to create a link back to the alerts for an image.https://app.prismacloud.ioOptional
ProjectA specific project name to get alert profiles forPrismaCloudCompute.AlertProfiles.ServiceNow.ProjectOptional

Playbook Outputs#


There are no outputs for this playbook.

Playbook Image#


Prisma Cloud Compute - Audit Alert v2