Get CNNS Container Audit Events
GET/api/v32.07/audits/firewall/network/container
x-prisma-cloud-target-env: {"permission":"monitorCNNF"}
Retrieves all Cloud Native Network Segmentation (CNNS) container audit events.
For more information, see the Cloud Native Network Segmentation (CNNS)
For containers, rules are defined between:
- Image to image.
- Image to an external network not protected by Prisma Cloud.
- Image to DNS domain.
cURL Request
Refer to the following example cURL command:
$ curl -k \
-u <USER> \
-H 'Content-Type: application/json' \
-X GET \
"https://<CONSOLE>/api/v<VERSION>/audits/firewall/network/container"
cURL Response
{
"_id": "localhost",
"time": "2022-11-14T11:02:43.151Z",
"total": 1,
"resource": {
"images": [
""
]
},
"collections": [
"All",
"user123"
],
"audits": {
"unexpectedConnection": {
"count": 1,
"audits": [
{
"ruleID": 4,
"time": "2022-11-14T11:02:43.151Z",
"type": "unexpectedConnection",
"srcProfileID": "sha256:8d5df41c547bd107c14368ad302efc46760940ae188df451cabc23e10f7f161b_user_tkgi-users",
"dstProfileID": "20",
"srcProfileHash": 228,
"srcContainerName": "users-ubuntu",
"dstContainerName": "",
"dstSubnet": "localhost",
"srcImageName": "docker.io/library/ubuntu:18.04",
"dstImageName": "",
"dstPort": 8000,
"block": false,
"count": 1,
"msg": "Unexpected connection to ip 127.0.0.1"
}
]
}
}
}
Request
Responses
- 200
- default