Skip to main content

Download Docker Access Audit Events



x-prisma-cloud-target-env: {"permission":"monitorAccessDocker"}

Returns the docker access audit events data in CSV format that are logged and aggregated for any container resource protected by a Defender in Prisma Cloud Compute.

Note: You can download the access events from Console under Monitor > Events > Docker audits > Download CSV.

$ curl -k \
-u <USER> \
-H 'Content-Type: text/csv' \
-X GET \
-O <access_audits.csv> \


Query Parameters

    offset integer

    Offsets the result to a specific report count. Offset starts from 0.

    limit integer

    Limit is the amount to fix.

    sort string

    Sorts the result using a key.

    reverse boolean

    Sorts the result in reverse order.

    from date-time

    From is an optional minimum time constraints for the audit.

    to date-time

    To is an optional maximum time constraints for the audit.

    type string

    Type is the audit type.

    ruleName string[]

    RuleNames are the rules names to filter by.

    api string[]

    APIs are apis to filter by.

    hostname string[]

    Hosts are hosts to filter by.

    user string[]

    Users are users to filter by.

    allow string

    Allow indicated whether allowed requests should be shown.

    cluster string[]

    Clusters is the cluster filter.