Download Kubernetes Audit Events

GET /api/v32.04/audits/kubernetes/download

x-prisma-cloud-target-env: {"permission":"monitorAccessKubernetes","saas":true,"self-hosted":true}
x-public: true

Returns the audit events data that occur in an integrated Kubernetes cluster that you configured for Prisma Cloud Compute under Defend > Access > Kubernetes in CSV format.

Note: This endpoint relates to the Monitor > Events > Kubernetes audits in Prisma Cloud Compute.

cURL Request

Refer to the following example cURL command:

$ curl -k \
  -u <USER> \
  -H 'Content-Type: text/csv' \
  -X GET \
  -o <kubernetes_audits.csv> \
  "https://<CONSOLE>/api/v<VERSION>/audits/kubernetes/download"

Request

Query Parameters

offset integer

Offsets the result to a specific report count. Offset starts from 0.

limit integer

Limit is the amount to fix.

sort string

Sorts the result using a key.

reverse boolean

Sorts the result in reverse order.

from date-time

From is an optional minimum time constraints for the activity.

to date-time

To is an optional maximum time constraints for the activity.

user string[]

Users is the list of users to use for filtering.

attackTechniques string[]

AttackTechniques are the MITRE attack techniques.

cluster string[]

Clusters is the list of clusters for filtering.

Responses

200
default

Download Kubernetes Audit Events

/api/v32.04/audits/kubernetes/download

cURL Request​

Request​

Query Parameters

Responses​

cURL Request

Request

Responses