Refresh Compliance Stats

POST 
/api/v30.00/stats/compliance/refresh

x-prisma-cloud-target-env: {"permission":"monitorCompliance","saas":true,"self-hosted":true}
x-public: true

Refreshes the current day's list and counts of compliance issues, as well as the list of affected running resources.

This endpoint returns the same response as /api/v<VERSION>/stats/compliance, but with updated data for the current day.

cURL Request

Refer to the following example cURL command that refreshes compliance statistics for the current day:

$ curl -k \
  -u <USER> \
  -H 'Content-Type: application/json' \
  -X POST \
  'https://<CONSOLE>/api/v<VERSION>/stats/compliance/refresh'

A successful response returns a summary count of compliance issues for the current day. The response also shows a detailed list of compliance issues for each running container and host for the current day.

Request

Query Parameters

collections string[]

Scopes query by collection.

accountIDs string[]

Scopes query by account ID.

ruleName string

Filters results by rule name.

policyType string

Possible values: [docker,containerVulnerability,containerCompliance,ciImagesVulnerability,ciImagesCompliance,hostVulnerability,hostCompliance,vmVulnerability,vmCompliance,serverlessCompliance,ciServerlessCompliance,serverlessVulnerability,ciServerlessVulnerability,containerRuntime,appEmbeddedRuntime,containerAppFirewall,hostAppFirewall,outOfBandAppFirewall,agentlessAppFirewall,appEmbeddedAppFirewall,serverlessAppFirewall,networkFirewall,secrets,hostRuntime,serverlessRuntime,kubernetesAudit,trust,admission,codeRepoVulnerability,ciCodeRepoVulnerability,codeRepoCompliance,ciCodeRepoCompliance]

Filters results by policy type. Used to further scope queries because rule names do not need to be unique between policies.

category string

Possible values: [Docker,Docker (DISA STIG),Twistlock Labs,Custom,Istio,Linux,Kubernetes,CRI,OpenShift,Application Control]

Filters results by category. For example, a benchmark or resource type.

template string

Possible values: [PCI,HIPAA,NIST SP 800-190,GDPR,DISA STIG]

Filters results by compliance template.

Responses

200

ComplianceStats holds compliance data

application/json

Schema

Schema

categories object[]
Compliance stats by category.
Array [
failed integer
Failed is the count of impacted resources by the category IDs.
name vuln.ComplianceCategory
Possible values: [Docker,Docker (DISA STIG),Twistlock Labs,Custom,Istio,Linux,Kubernetes,CRI,OpenShift,Application Control]
ComplianceCategory represents the compliance category
total integer
Total is the count of evaluations of category IDs.
]
daily object[]
Daily compliance stats.
Array [
_id string
Date holds the date the data was collected.
distribution object
Distribution counts the number of vulnerabilities per type
critical integer
.
high integer
.
low integer
.
medium integer
.
total integer
.
modified date-time
Modified is the time the data was modified.
]
ids object[]
Compliance data by check ID.
Array [
benchmarkID string
BenchmarkID is the benchmark ID.
category vuln.ComplianceCategory
Possible values: [Docker,Docker (DISA STIG),Twistlock Labs,Custom,Istio,Linux,Kubernetes,CRI,OpenShift,Application Control]
ComplianceCategory represents the compliance category
description string
Description is the compliance description.
failed integer
Failed is the number of occurrences of compliance ID in resources.
id integer
ID is the compliance ID.
severity string
Severity is the compliance severity.
templateTitle string
TemplateTitle is the template title.
total integer
Total is the count of resources evaluated with the compliance.
type vuln.Type
Possible values: [container,image,host_config,daemon_config,daemon_config_files,security_operations,k8s_master,k8s_worker,k8s_federation,linux,windows,istio,serverless,custom,docker_stig,openshift_master,openshift_worker,application_control_linux]
Type represents the vulnerability type
]
rules object[]
Compliance stats by policy rules.
Array [
failed integer
Failed is the count of the rule compliance IDs in resources.
name string
Name is the name of the applied rule.
policyType common.PolicyType
Possible values: [docker,containerVulnerability,containerCompliance,ciImagesVulnerability,ciImagesCompliance,hostVulnerability,hostCompliance,vmVulnerability,vmCompliance,serverlessCompliance,ciServerlessCompliance,serverlessVulnerability,ciServerlessVulnerability,containerRuntime,appEmbeddedRuntime,containerAppFirewall,hostAppFirewall,outOfBandAppFirewall,agentlessAppFirewall,appEmbeddedAppFirewall,serverlessAppFirewall,networkFirewall,secrets,hostRuntime,serverlessRuntime,kubernetesAudit,trust,admission,codeRepoVulnerability,ciCodeRepoVulnerability,codeRepoCompliance,ciCodeRepoCompliance]
PolicyType represents the type of the policy
total integer
Total is the count of evaluations done by rule.
]
templates object[]
Compliance stats by template.
Array [
failed integer
Failed is the count of impacted resources by the template IDs.
name vuln.ComplianceTemplate
Possible values: [PCI,HIPAA,NIST SP 800-190,GDPR,DISA STIG]
ComplianceTemplate represents the compliance template
total integer
Total is the count of evaluations of template IDs.
]

Example (from schema)

{
  "categories": [
    {
      "failed": 0,
      "name": [
        "Docker",
        "Docker (DISA STIG)",
        "Twistlock Labs",
        "Custom",
        "Istio",
        "Linux",
        "Kubernetes",
        "CRI",
        "OpenShift",
        "Application Control"
      ],
      "total": 0
    }
  ],
  "daily": [
    {
      "_id": "string",
      "distribution": {
        "critical": 0,
        "high": 0,
        "low": 0,
        "medium": 0,
        "total": 0
      },
      "modified": "2023-12-01T18:46:57.376Z"
    }
  ],
  "ids": [
    {
      "benchmarkID": "string",
      "category": [
        "Docker",
        "Docker (DISA STIG)",
        "Twistlock Labs",
        "Custom",
        "Istio",
        "Linux",
        "Kubernetes",
        "CRI",
        "OpenShift",
        "Application Control"
      ],
      "description": "string",
      "failed": 0,
      "id": 0,
      "severity": "string",
      "templateTitle": "string",
      "total": 0,
      "type": [
        "container",
        "image",
        "host_config",
        "daemon_config",
        "daemon_config_files",
        "security_operations",
        "k8s_master",
        "k8s_worker",
        "k8s_federation",
        "linux",
        "windows",
        "istio",
        "serverless",
        "custom",
        "docker_stig",
        "openshift_master",
        "openshift_worker",
        "application_control_linux"
      ]
    }
  ],
  "rules": [
    {
      "failed": 0,
      "name": "string",
      "policyType": [
        "docker",
        "containerVulnerability",
        "containerCompliance",
        "ciImagesVulnerability",
        "ciImagesCompliance",
        "hostVulnerability",
        "hostCompliance",
        "vmVulnerability",
        "vmCompliance",
        "serverlessCompliance",
        "ciServerlessCompliance",
        "serverlessVulnerability",
        "ciServerlessVulnerability",
        "containerRuntime",
        "appEmbeddedRuntime",
        "containerAppFirewall",
        "hostAppFirewall",
        "outOfBandAppFirewall",
        "agentlessAppFirewall",
        "appEmbeddedAppFirewall",
        "serverlessAppFirewall",
        "networkFirewall",
        "secrets",
        "hostRuntime",
        "serverlessRuntime",
        "kubernetesAudit",
        "trust",
        "admission",
        "codeRepoVulnerability",
        "ciCodeRepoVulnerability",
        "codeRepoCompliance",
        "ciCodeRepoCompliance"
      ],
      "total": 0
    }
  ],
  "templates": [
    {
      "failed": 0,
      "name": [
        "PCI",
        "HIPAA",
        "NIST SP 800-190",
        "GDPR",
        "DISA STIG"
      ],
      "total": 0
    }
  ]
}

default

Loading...