Skip to main content

Download CNNS Container Audit Events

x-prisma-cloud-target-env: {"permission":"monitorCNNF","saas":true,"self-hosted":true}
x-public: true

Returns the Cloud Native Network Segmentation (CNNS) container audit events data in CSV format.

For more information, see the Cloud Native Network Segmentation (CNNS)

For containers, rules are defined between:

  • Image to image.
  • Image to Image to an external network not protected by Prisma Cloud.
  • Image to DNS domain.

cURL Request

Refer to the following example cURL command:

$ curl -k \
  -u <USER> \
  -H 'Content-Type: text/csv' \
  -X GET \
  -o <cnns_container_audits.csv> \
  "https://<CONSOLE>/api/v<VERSION>/audits/firewall/network/container/download"
Query Parameters
  • offset integer

    Offsets the result to a specific report count. Offset starts from 0.

  • limit integer

    Number of reports to retrieve in a page. For PCCE, the maximum limit is 250. For PCEE, the maximum limit is 50. The default value is 50.

  • search string

    Retrieves the result for a search term.

  • sort string

    Sorts the result using a key. Refer to the columns in the relevant Prisma Cloud Compute user interface to use them as sort keys.

  • reverse boolean

    Sorts the result in reverse order.

  • collections string[]

    Filters the result based on collection names that you have defined in Prisma Cloud Compute.

  • provider string[]

    Scopes the query by cloud provider.

  • accountIDs string[]

    Filters the result based on cloud account IDs.

  • resourceIDs string[]

    Scopes the query by resource ID.

  • region string[]

    Scopes the query by cloud region.

  • fields string[]

    Retrieves the fields that you need in a report. Use the list of fields you want to retrieve. By default, the result shows all fields of data.

  • from date-time

    From is an optional minimum time constraints for the audits.

  • to date-time

    To is an optional maximum time constraints for the audits.

  • srcImageName string[]

    SrcImages are the source images filter.

  • dstImageName string[]

    DstImages are the destination images filter.

  • block string

    Block is the block/audit filter.

Responses

OK

Loading...