Skip to main content

Prisma Cloud Compute - Container Forensics

This Playbook is part of the Prisma Cloud Compute by Palo Alto Networks Pack.#

Supported versions

Supported Cortex XSOAR versions: 6.10.0 and later.

This is a sub-playbook of the "Prisma Cloud Compute - Audit Alert v2" playbook. Gets the container profile and forensics.

Dependencies#

This playbook uses the following sub-playbooks, integrations, and scripts.

Sub-playbooks#

This playbook does not use any sub-playbooks.

Integrations#

PaloAltoNetworks_PrismaCloudCompute

Scripts#

SetAndHandleEmpty

Commands#

  • prisma-cloud-compute-profile-container-list
  • prisma-cloud-compute-profile-container-forensic-list

Playbook Inputs#


NameDescriptionDefault ValueRequired
AuditAlertTypeThe audit alert type.Optional
ImageImage name.Optional
DefenderTypeThe defender type.Optional
AlertClusterThe alert's cluster name.Optional
HostnameThe hostname.Optional
ForensicLinkThis link exists in audit runtime incidents.Optional

Playbook Outputs#


There are no outputs for this playbook.

Playbook Image#


Prisma Cloud Compute - Container Forensics