Get Compliance Stats

GET /api/v32.04/stats/compliance

x-prisma-cloud-target-env: {"permission":"monitorCompliance","saas":true,"self-hosted":true}
x-public: true

Returns compliance statistics, including:

  • Compliance rate by regulation, CIS benchmark, and policy rule.
  • Trend of failed compliance checks over time.
  • List of all compliance checks with their corresponding compliance rate.

This endpoint maps to the table in Monitor > Compliance > Compliance explorer in the Console UI.

cURL Request

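The following example cURL command retrieves compliance statistics. The -k option skips TLS certificate verification; where the Console certificate chains to a CA you trust, drop -k or pass the CA bundle with --cacert so that the credentials sent with -u go only to a verified Console: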

$ curl -k \
-u <USER> \
-H 'Content-Type: application/json' \
-X GET \
'https://<CONSOLE>/api/v<VERSION>/stats/compliance'

A successful response returns a summary count of compliance issues. The response also shows a detailed list of compliance issues for each running container and host.

Request

Query Parameters

    collections string[]

    Scopes query by collection.

    accountIDs string[]

    Scopes query by account ID.

    ruleName string

    Filters results by rule name.

    policyType string

    Possible values: [containerVulnerability,containerCompliance,ciImagesVulnerability,ciImagesCompliance,hostVulnerability,hostCompliance,vmVulnerability,vmCompliance,serverlessCompliance,ciServerlessCompliance,serverlessVulnerability,ciServerlessVulnerability,containerRuntime,appEmbeddedRuntime,containerAppFirewall,hostAppFirewall,outOfBandAppFirewall,agentlessAppFirewall,appEmbeddedAppFirewall,serverlessAppFirewall,networkFirewall,secrets,hostRuntime,serverlessRuntime,kubernetesAudit,trust,admission,codeRepoCompliance,ciCodeRepoCompliance,ciCodeRepoVulnerability,codeRepoVulnerability]

    Filters results by policy type. Used to further scope queries because rule names do not need to be unique between policies.

    category string

    Possible values: [Docker,Docker (DISA STIG),Twistlock Labs,Custom,Istio,Linux,Kubernetes,CRI,OpenShift,Application Control,GKE,Prisma Cloud Labs,EKS,AKS]

    Filters results by category. For example, a benchmark or resource type.

    template string

    Possible values: [PCI,HIPAA,NIST SP 800-190,GDPR,DISA STIG]

    Filters results by compliance template.

Responses

ComplianceStats holds compliance data

Schema
    categories object[]

    Compliance stats by category.

  • Array [
  • failed integer

    Failed is the count of impacted resources by the category IDs.

    name vuln.ComplianceCategory (string)

    Possible values: [Docker,Docker (DISA STIG),Twistlock Labs,Custom,Istio,Linux,Kubernetes,CRI,OpenShift,Application Control,GKE,Prisma Cloud Labs,EKS,AKS]

    ComplianceCategory represents the compliance category

    total integer

    Total is the count of evaluations of category IDs.

  • ]
  • daily object[]

    Daily compliance stats.

  • Array [
  • _id string

    Date holds the date the data was collected.

    distribution object

    Distribution counts the number of vulnerabilities per type

    critical integer

    high integer

    low integer

    medium integer

    total integer

    modified date-time

    Modified is the time the data was modified.

  • ]
  • ids object[]

    Compliance data by check ID.

  • Array [
  • benchmarkID string

    BenchmarkID is the benchmark ID.

    category vuln.ComplianceCategory (string)

    Possible values: [Docker,Docker (DISA STIG),Twistlock Labs,Custom,Istio,Linux,Kubernetes,CRI,OpenShift,Application Control,GKE,Prisma Cloud Labs,EKS,AKS]

    ComplianceCategory represents the compliance category

    description string

    Description is the compliance description.

    failed integer

    Failed is the number of occurrences of compliance ID in resources.

    id integer

    ID is the compliance ID.

    severity string

    Severity is the compliance severity.

    templateTitle string

    TemplateTitle is the template title.

    total integer

    Total is the count of resources evaluated with the compliance.

    type vuln.Type (string)

    Possible values: [container,image,host_config,daemon_config,daemon_config_files,security_operations,k8s_master,k8s_worker,k8s_federation,linux,windows,istio,serverless,custom,docker_stig,openshift_master,openshift_worker,application_control_linux,gke_worker,image_malware,host_malware,aks_worker,eks_worker,image_secret,host_secret]

    Type represents the vulnerability type

  • ]
  • rules object[]

    Compliance stats by policy rules.

  • Array [
  • failed integer

    Failed is the count of the rule compliance IDs in resources.

    name string

    Name is the name of the applied rule.

    policyType common.PolicyType (string)

    Possible values: [containerVulnerability,containerCompliance,ciImagesVulnerability,ciImagesCompliance,hostVulnerability,hostCompliance,vmVulnerability,vmCompliance,serverlessCompliance,ciServerlessCompliance,serverlessVulnerability,ciServerlessVulnerability,containerRuntime,appEmbeddedRuntime,containerAppFirewall,hostAppFirewall,outOfBandAppFirewall,agentlessAppFirewall,appEmbeddedAppFirewall,serverlessAppFirewall,networkFirewall,secrets,hostRuntime,serverlessRuntime,kubernetesAudit,trust,admission,codeRepoCompliance,ciCodeRepoCompliance,ciCodeRepoVulnerability,codeRepoVulnerability]

    PolicyType represents the type of the policy

    total integer

    Total is the count of evaluations done by rule.

  • ]
  • templates object[]

    Compliance stats by template.

  • Array [
  • failed integer

    Failed is the count of impacted resources by the template IDs.

    name vuln.ComplianceTemplate (string)

    Possible values: [PCI,HIPAA,NIST SP 800-190,GDPR,DISA STIG]

    ComplianceTemplate represents the compliance template

    total integer

    Total is the count of evaluations of template IDs.

  • ]
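
The following is an added example, not code from the Prisma Cloud documentation: it builds the request URL with a `template` filter checked against the values listed above, then ranks the `ids` entries of a response by pass rate. The hostname `console.example.com`, the function names, the sample response and the pass-rate formula (share of evaluations that did not fail) are assumptions; the page gives `failed` and `total` but not how the Console derives its rate.

```python
import json
from urllib.parse import urlencode

# Filter values copied from the Query Parameters section of this page.
TEMPLATES = {"PCI", "HIPAA", "NIST SP 800-190", "GDPR", "DISA STIG"}

def build_url(console, version, template=None, rule_name=None):
    """Build the GET URL; reject a template the API does not list."""
    params = {}
    if template is not None:
        if template not in TEMPLATES:
            raise ValueError(f"unknown template: {template!r}")
        params["template"] = template
    if rule_name is not None:
        params["ruleName"] = rule_name  # urlencode escapes &, = and spaces
    url = f"https://{console}/api/v{version}/stats/compliance"
    return f"{url}?{urlencode(params)}" if params else url

def pass_rate(failed, total):
    """Assumed formula: percent of evaluations that did not fail.
    Returns None when nothing was evaluated, instead of dividing by zero."""
    if total <= 0:
        return None
    return round(100.0 * (total - failed) / total, 1)

def rates_by_name(stats, key):
    """Pass rate per entry of `categories`, `rules` or `templates`."""
    return {e["name"]: pass_rate(e.get("failed", 0), e.get("total", 0))
            for e in stats.get(key) or []}

def worst_checks(stats, limit=3):
    """Entries of `ids`, lowest pass rate first; unevaluated checks are skipped."""
    rows = []
    for c in stats.get("ids") or []:
        rate = pass_rate(c.get("failed", 0), c.get("total", 0))
        if rate is not None:
            rows.append((rate, c["id"], c.get("severity", "")))
    return sorted(rows)[:limit]

# Constructed sample response (not real Console output), trimmed to the fields used.
SAMPLE = json.loads("""
{"templates": [{"name": "PCI", "failed": 4, "total": 16},
               {"name": "GDPR", "failed": 0, "total": 0}],
 "ids": [{"id": 41, "severity": "high", "failed": 3, "total": 12},
         {"id": 422, "severity": "critical", "failed": 9, "total": 10},
         {"id": 599, "severity": "medium", "failed": 0, "total": 0},
         {"id": 6, "severity": "low", "failed": 0, "total": 20}]}
""")
```

Checks with `total` equal to 0 are reported as `None` rather than as 100% compliant, so a check that never ran is not mistaken for one that passed.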