Alert Evidence Graph

GET /alert/v1/:id/graph

Given an alert-id in the query the API returns the data that can be presented in a graphical format. The returned response matches the JSON Graph Format standard

Request

Path Parameters

id stringrequired

The alert-id for the evidence graph

Responses

Successful operation

Schema
Example (from schema)

Schema

graphs object[]required

The list of graphs representing a primary asset and its associations

Array [

graph object

The resource specific graph

nodes object

A dictionary of the node identifier and the associated node

oneOf

AssetNode
CapabilityNode
FindingNode
PrimaryAssetNode
VulnerabilityNode

type string

Possible values: [Asset]

The node type

label string

Label representing the asset name

metadata object

Primary Asset Node Metadata

lastModifiedAt int64

Last modified time for the asset

externalAssetId stringrequired

Cloud Provider Asset Identifier

assetApiId int32required

The unique API Identifier of this asset

accountId stringrequired

Cloud Account ID

dataSensitivityDatatypeDetails object[]

Data Sensitivity datatypes

Array [

name string

Name of the data sensitivity datatype

count int32

The count of occurances for the given data type

label string

The label for the given data type

]

type string

Possible values: [Capability]

The node type

label string

metadata object

Capability Node Metadata

capabilityType stringrequired

Returns the capability type

additionalCapabilityAttributes object

Returns additional metadata associated with this capability

property name* object

Returns additional metadata associated with this capability

type string

Possible values: [Finding]

The node type

label string

metadata object

Finding Node Metadata

type stringrequired

Finding Type

policyType stringrequired

Policy Type

severity stringrequired

Finding Severity

description stringrequired

Finding description

lastModifiedAt int64required

Time when the finding was reported

findingRemediationDetails object

Represents the RemediationDetails for this finding

buildTimeMetadata object

buildtime_resource_id string

buildtime_resource_name string

git_filename string

git_directory string

git_provider string

git_last_modified_time int64

git_last_modified_by string

git_modifiers string[]

git_org string

git_repository string

git_repo_id string

depends_on string

dependents string

yor_trace string

git_url string

framework string

code_security_url string

bc_resource_id string

alert_decoration_status string

fix_pr_url string

has_fix boolean

runtimeMetadata object

remediationTs int64

permissionGraph object

Represents the associated permission graph for this finding

items object[]

Permission graph items

Array [

grantedByCloudType string

Granted by cloud type

grantedByEntityType string

Granted by entity type name

grantedByEntityTypeId int32

Granted by entity type identifier

grantedByEntityName string

Granted by entity name

grantedByEntityAssetId string

Granted by entity asset identifier

destCloudType string

Destination cloud type

destCloudServiceName string

Destination cloud service name

destCloudResourceName string

Destination cloud resource name

destResourceTypeId int32

Destination cloud resource type identifier

destResourceAssetId string

Destination cloud resource asset identifier

dataSensitivityDatatypeDetails object[]

Data Sensitivity datatypes

Array [

name string

Name of the data sensitivity datatype

count int32

The count of occurances for the given data type

label string

The label for the given data type

]

networkGraph object

Represents the associated network graph for this finding

cloudGraphs object

The cloud network graphs

property name* CloudNetworkGraphResponse

The cloud network graphs

nodes object

The nodes associated with this network graph

property name* NodeDataType

The nodes associated with this network graph

nodeData object

Represents a network node

unifiedAssetID stringrequired

Prisma Cloud Unified Asset Identifier

nativeID string

The native ID of the node

name string

Name of the object

cloudType stringrequired

Cloud type of the entity

type stringrequired

Type of the endpoint

subType string

Asset sub-type information

id string

rrn string

APIID int32

Asset APIID

type string

Represents a network node type

paths array[]

The associated paths in the network graph

errors string[]

The error message for cloud network graph.

isRemediable boolean

isRemediable

type string

Possible values: [PrimaryAsset]

The node type

label string

Label representing the primary asset name

metadata object

Primary Asset Node Metadata

lastModifiedAt int64

Last modified time for the asset

externalAssetId stringrequired

Cloud Provider Asset Identifier

assetApiId int32required

The unique API Identifier of this asset

accountId stringrequired

Cloud Account ID

dataSensitivityDatatypeDetails object[]

Data Sensitivity datatypes

Array [

name string

Name of the data sensitivity datatype

count int32

The count of occurances for the given data type

label string

The label for the given data type

]

type string

Possible values: [Vulnerability]

The node type

label string

metadata object

Vulnerability Node Metadata

severity stringrequired

Severity of the vulnerability

score floatrequired

Score of the vulnerability

patchable booleanrequired

Boolean value representing whether this vulnerability is patchable

exploitable booleanrequired

Boolean value representing whether this vulnerability is exploitable

published int64required

Long value representing when the vulnerability was published

edges object[]

Array [

id string

Edge Identifier

source stringrequired

Identifier of the source node

target stringrequired

Identifier of the target node

metadata object

Edge Metadata

severity stringrequired

Effective Severity

relationshipTypeId int64

Relationship Type ID between the edges

]

nextPageToken string

The next page token

{
  "graphs": [
    {
      "graph": {
        "nodes": {},
        "edges": [
          {
            "id": "string",
            "source": "string",
            "target": "string",
            "metadata": {
              "severity": "string"
            },
            "relationshipTypeId": 0
          }
        ]
      }
    }
  ],
  "nextPageToken": "string"
}

Bad Request - request body contains a query that is not grammatically valid

Schema
Example (from schema)

Schema

timestamp stringrequired

status int32required

error stringrequired

errorDetails object[]

Array [

name stringrequired

message stringrequired

]

message stringrequired

path stringrequired

{
  "timestamp": "string",
  "status": 0,
  "error": "string",
  "errorDetails": [
    {
      "name": "string",
      "message": "string"
    }
  ],
  "message": "string",
  "path": "string"
}

Unauthorized - user cannot be authenticated to service the request

Schema
Example (from schema)

Schema

timestamp stringrequired

status int32required

error stringrequired

errorDetails object[]

Array [

name stringrequired

message stringrequired

]

message stringrequired

path stringrequired

{
  "timestamp": "string",
  "status": 0,
  "error": "string",
  "errorDetails": [
    {
      "name": "string",
      "message": "string"
    }
  ],
  "message": "string",
  "path": "string"
}

Forbidden - user is not authorized, or does not have the correct permissions, to make the call

Schema
Example (from schema)

Schema

timestamp stringrequired

status int32required

error stringrequired

errorDetails object[]

Array [

name stringrequired

message stringrequired

]

message stringrequired

path stringrequired

{
  "timestamp": "string",
  "status": 0,
  "error": "string",
  "errorDetails": [
    {
      "name": "string",
      "message": "string"
    }
  ],
  "message": "string",
  "path": "string"
}

PreConditions Failed - query fails domain specific validations

Schema
Example (from schema)

Schema

timestamp stringrequired

status int32required

error stringrequired

errorDetails object[]

Array [

name stringrequired

message stringrequired

]

message stringrequired

path stringrequired

{
  "timestamp": "string",
  "status": 0,
  "error": "string",
  "errorDetails": [
    {
      "name": "string",
      "message": "string"
    }
  ],
  "message": "string",
  "path": "string"
}

Too Many Requests - API is getting rate limited

Schema
Example (from schema)

Schema

timestamp stringrequired

status int32required

error stringrequired

errorDetails object[]

Array [

name stringrequired

message stringrequired

]

message stringrequired

path stringrequired

{
  "timestamp": "string",
  "status": 0,
  "error": "string",
  "errorDetails": [
    {
      "name": "string",
      "message": "string"
    }
  ],
  "message": "string",
  "path": "string"
}

Alert Evidence Graph

/alert/v1/:id/graph

Request​

Path Parameters

Responses​

Request

Responses