Download WAAS App-embedded Audit Events
Returns the app-embedded WAAS audit events data in CSV format for the specified query parameters.
Note: These audit events relate to violations of WAAS policies defined under Defend > WAAS > App-Embedded > App-Embedded WAAS Policy.
Refer to the following example cURL command:
$ curl -k \
-u <USER> \
-H 'Content-Type: text/csv' \
-X GET \
-o <waas_app-embedded_audits.csv> \
Offsets the result to a specific report count. Offset starts from 0.
Number of reports to retrieve in a page. For PCCE, the maximum limit is 250. For PCEE, the maximum limit is 50. The default value is 50.
Retrieves the result for a search term.
Sorts the result using a key. Refer to the columns in the relevant Prisma Cloud Compute user interface to use them as sort keys.
Sorts the result in reverse order.
Filters the result based on collection names that you have defined in Prisma Cloud Compute.
Scopes the query by cloud provider.
Filters the result based on cloud account IDs.
Scopes the query by resource ID.
Scopes the query by cloud region.
Retrieves the fields that you need in a report. Use the list of fields you want to retrieve. By default, the result shows all fields of data.
From is an optional minimum time constraints for the audit.
To is an optional maximum time constraints for the audit.
Images is the image names filter.
Containers is the container names filter.
Hosts is the hostnames filter.
RuleNames is the rule names filter.
Types is the firewall audit type filter.
Effect is used to filter by runtime audit effect.
RuleAppIDs is the rule app IDs filter.
FunctionName is used to filter by function name.
Runtime is used to filter by runtime.
Namespaces is the list of namespaces to use for filtering.
AppIDs is the app embedded appID filter.
Subnets is the source IPs filter.
ConnectingIPs is the connecting IPs filter.
Countries is the source IP country filter.
UserAgents is the user agent header filter.
URLs is the URL filter.
RequestHosts is the request host filter.
Paths is the URL path filter.
Queries is the URL query filter.
Methods is the request method filter.
RequestHeaderNames is the request header names filter.
OS is the OS filter.
Messages is the audit message text filter.
Cluster is the audit cluster filter.
AttackTechniques are the MITRE attack techniques.
Aggregate indicates whether the result audits should be aggregated according to the Select field.
Protections is the firewall audit protection type filter.
EventID is the event IDs filter.
OWASPTop10 is the OWASP top 10 filter.
OWASPAPITop10 is the OWASP API top 10 filter.