Download Docker Access Audit Events

GET /api/v31.02/audits/access/download

x-prisma-cloud-target-env: {"permission":"monitorAccessDocker","saas":true,"self-hosted":true}
x-public: true

Returns the docker access audit events data in CSV format that are logged and aggregated for any container resource protected by a Defender in Prisma Cloud Compute.

Note: You can download the access events from Console under Monitor > Events > Docker audits > Download CSV.

$ curl -k \
  -u <USER> \
  -H 'Content-Type: text/csv' \
  -X GET \
  -O <access_audits.csv> \
  "https://<CONSOLE>/api/v<VERSION>/audits/access/download?type=docker"

Request

Query Parameters

offset integer

Offsets the result to a specific report count. Offset starts from 0.

limit integer

Limit is the amount to fix.

sort string

Sorts the result using a key.

reverse boolean

Sorts the result in reverse order.

from date-time

From is an optional minimum time constraints for the audit.

to date-time

To is an optional maximum time constraints for the audit.

type string

Type is the audit type.

ruleName string[]

RuleNames are the rules names to filter by.

api string[]

APIs are apis to filter by.

hostname string[]

Hosts are hosts to filter by.

user string[]

Users are users to filter by.

allow string

Allow indicated whether allowed requests should be shown.

cluster string[]

Clusters is the cluster filter.

Responses

200
default

Download Docker Access Audit Events

/api/v31.02/audits/access/download

Request​

Query Parameters

Responses​

Request

Responses