Skip to main content

Refresh Compliance Stats

POST 
/api/v32.07/stats/compliance/refresh
x-prisma-cloud-target-env: {"permission":"monitorCompliance"}

Refreshes the current day's compliance violations counts and list, as well as the affected running resources.

The response will return exactly what the /statistics/compliance endpoint returns, only with updated statistics for the current day.

The following example command that uses curl and basic auth to refresh compliance statistics:

$ curl -k \
  -u <USER> \
  -H 'Content-Type: application/json' \
  -X POST \
  https://<CONSOLE>:8083/api/v1/stats/compliance

Request

Query Parameters

    collections string[]

    Scopes query by collection.

    accountIDs string[]

    Scopes query by account ID.

    ruleName string

    Filters results by rule name.

    policyType string

    Possible values: [containerVulnerability,containerCompliance,ciImagesVulnerability,ciImagesCompliance,hostVulnerability,hostCompliance,vmVulnerability,vmCompliance,serverlessCompliance,ciServerlessCompliance,serverlessVulnerability,ciServerlessVulnerability,containerRuntime,appEmbeddedRuntime,containerAppFirewall,hostAppFirewall,outOfBandAppFirewall,agentlessAppFirewall,serverObserverAppFirewall,appEmbeddedAppFirewall,serverlessAppFirewall,networkFirewall,secrets,hostRuntime,serverlessRuntime,kubernetesAudit,trust,admission,codeRepoCompliance,ciCodeRepoCompliance,ciCodeRepoVulnerability,codeRepoVulnerability]

    Filters results by policy type. Used to further scope queries because rule names do not need to be unique between policies.

    category string

    Possible values: [Docker,Docker (DISA STIG),Twistlock Labs,Custom,Istio,Linux,Kubernetes,CRI,OpenShift,Application Control,GKE,Prisma Cloud Labs,EKS,AKS]

    Filters results by category. For example, a benchmark or resource type.

    template string

    Possible values: [PCI,HIPAA,NIST SP 800-190,GDPR,DISA STIG]

    Filters results by compliance template.

Responses

ComplianceStats holds compliance data

Schema
    categories object[]

    Compliance stats by category.

  • Array [
    • failed integer

    Failed is the count of impacted resources by the category IDs.

    name vuln.ComplianceCategory (string)

    Possible values: [Docker,Docker (DISA STIG),Twistlock Labs,Custom,Istio,Linux,Kubernetes,CRI,OpenShift,Application Control,GKE,Prisma Cloud Labs,EKS,AKS]

    ComplianceCategory represents the compliance category

    total integer

    Total is the count of evaluations of category IDs.

  • ]
    • daily object[]

    Daily compliance stats.

  • Array [
    • _id string

    Date holds the date the data was collected.

    distribution object

    Distribution counts the number of vulnerabilities per type

    critical integer

    .

    high integer

    .

    low integer

    .

    medium integer

    .

    total integer

    .

    modified date-time

    Modified is the time the data was modified.

  • ]
    • ids object[]

    Compliance data by check ID.

  • Array [
    • benchmarkID string

    BenchmarkID is the benchmark ID.

    category vuln.ComplianceCategory (string)

    Possible values: [Docker,Docker (DISA STIG),Twistlock Labs,Custom,Istio,Linux,Kubernetes,CRI,OpenShift,Application Control,GKE,Prisma Cloud Labs,EKS,AKS]

    ComplianceCategory represents the compliance category

    description string

    Description is the compliance description.

    failed integer

    Failed is the number of occurrences of compliance ID in resources.

    id integer

    ID is the compliance ID.

    severity string

    Severity is the compliance severity.

    templateTitle string

    TemplateTitle is the template title.

    total integer

    Total is the count of resources evaluated with the compliance.

    type vulnerability.Type (string)

    Possible values: [container,image,host_config,daemon_config,daemon_config_files,security_operations,k8s_master,k8s_worker,k8s_federation,linux,windows,istio,serverless,custom,docker_stig,openshift_master,openshift_worker,application_control_linux,gke_worker,image_malware,host_malware,aks_worker,eks_worker,image_secret,host_secret]

    Type represents the vulnerability type

  • ]
    • rules object[]

    Compliance stats by policy rules.

  • Array [
    • failed integer

    Failed is the count of the rule compliance IDs in resources.

    name string

    Name is the name of the applied rule.

    policyType common.PolicyType (string)

    Possible values: [containerVulnerability,containerCompliance,ciImagesVulnerability,ciImagesCompliance,hostVulnerability,hostCompliance,vmVulnerability,vmCompliance,serverlessCompliance,ciServerlessCompliance,serverlessVulnerability,ciServerlessVulnerability,containerRuntime,appEmbeddedRuntime,containerAppFirewall,hostAppFirewall,outOfBandAppFirewall,agentlessAppFirewall,serverObserverAppFirewall,appEmbeddedAppFirewall,serverlessAppFirewall,networkFirewall,secrets,hostRuntime,serverlessRuntime,kubernetesAudit,trust,admission,codeRepoCompliance,ciCodeRepoCompliance,ciCodeRepoVulnerability,codeRepoVulnerability]

    PolicyType represents the type of the policy

    total integer

    Total is the count of evaluations done by rule.

  • ]
    • templates object[]

    Compliance stats by template.

  • Array [
    • failed integer

    Failed is the count of impacted resources by the template IDs.

    name vuln.ComplianceTemplate (string)

    Possible values: [PCI,HIPAA,NIST SP 800-190,GDPR,DISA STIG]

    ComplianceTemplate represents the compliance template

    total integer

    Total is the count of evaluations of template IDs.

  • ]
Loading...