Download Admission Audit Events

GET /api/v31.02/audits/admission/download

x-prisma-cloud-target-env: {"permission":"monitorAccessKubernetes","saas":true,"self-hosted":true}
x-public: true

Returns the access admission events data in CSV format that were alerted or blocked by Defender functioning as Open Policy Agent admission controller.

cURL Request

Refer to the following example cURL command that downloads the admission audit events:

$ curl -k \
  -u <USER> \
  -H 'Content-Type: text/csv' \
  -X GET \
  -o <admission_audits.csv> \
  "https://<CONSOLE>/api/v<VERSION>/audits/admission/download"

Request

Query Parameters

offset integer

Offsets the result to a specific report count. Offset starts from 0.

limit integer

Limit is the amount to fix.

sort string

Sorts the result using a key.

reverse boolean

Sorts the result in reverse order.

from date-time

From is an optional minimum time constraints for the activity.

to date-time

To is an optional maximum time constraints for the activity.

namespace string[]

Namespaces is the list of namespaces to use for filtering.

operation string[]

Operations is the list of operations to use for filtering.

cluster string[]

Clusters is the cluster filter.

attackTechniques string[]

AttackTechniques are the MITRE attack techniques.

Responses

200
default

Download Admission Audit Events

/api/v31.02/audits/admission/download

cURL Request​

Request​

Query Parameters

Responses​

cURL Request

Request

Responses