Resource Scan Info - GET

GET /resource/scan_info

deprecated

This endpoint has been deprecated and may be replaced or removed in future versions of the API.

Returns a full breakdown of passed/failed statistics and associated policies for resources.

info

Replacement Endpoint: Resource Scan Info V2 - GET

The query parameters enable you to add filters to your request to narrow your results.

Filter by Time

The following table has examples of common filters by time. The time filter narrows the response to resources from account onboarding until the point in time of interest.

Point in time of interest	timeAmount	timeType	timeUnit
24 hours ago	24	relative	hour
1 week ago	1	relative	week
1 month ago	1	relative	month
1 year ago	1	relative	year
Latest	Not required with to_now	to_now	Defaults to epoch

How Current is the Returned Data?

Since Prisma Cloud relies on snapshots of data, there can be an hour or two delay between the time a resource passes or fails a policy check and the reporting of that result through this method.

Filter by Cloud Type

You can specify more than one cloud type to request a combination of data. For example cloud.type=gcp&cloud.type=azure returns data for both gcp and azure.

Filter by Compliance Standard, Requirement, and/or Section

You can also broaden your filter by specifying any of the following query parameters more than once:

policy.complianceStandard
policy.complianceRequirement
policy.complianceSection

Request

Query Parameters

timeType stringrequired

Possible values: [relative, to_now]

Time Type

timeAmount string

Time Amount. Required for timeType relative. Unused for timeType to_now

timeUnit string

Possible values: [minute, hour, day, week, month, year]

Time Unit. Required for timeType relative. Unused for timeType to_now

cloud.account string

Cloud account

cloud.type string

Possible values: [aws, azure, gcp, alibaba_cloud, oci]

Cloud type

cloud.region string

Cloud region

account.group string

Account group

policy.complianceStandard string

Policy compliance standard. You can specify policy.complianceStandard=* to return the data for all compliance standards.

policy.complianceRequirement string

Policy compliance requirement name

policy.complianceSection string

Policy compliance section ID

limit string

Maximum number of entries to be returned. A single API call retrieves a maximum of 10,000 resources, which is also the default.

scan.status string

Possible values: [all, passed, failed]

Whether or not the resources were scanned and whether they passed or failed the scan. The default is all.

pageToken string

Token identifying the required page of data. When there are multiple pages of data, the nextPageToken from the response can be used in this parameter

asset.severity string

Policy severity

vulnerability.severity string

Vulnerability Severity

includeEventForeignEntities boolean

Include Foreign Entities. This is only applicable for compliance flows. This is because the Asset Inventory only counts assets that belong to your cloud account, and the Compliance Dashboard includes foreign entities such as SSO or Federated Users that are not resources ingested directly from the monitored cloud accounts

Responses

success

application/json

Schema
Example (from schema)

Schema

nextPageToken object

Use as page token to return next page of data

failedEventOffset boolean

lastRowIdx int64

limit int64

offset int64

previousTotalMatchedCount int64

timestamp int64

pageSize int64

Page size

resources object[]

List of metadata for resources that match filter

Array [

accountId string

Account ID

accountName string

Account name

alertStatus object

Count of alerts found by their policy severity

critical int64

high int64

informational int64

low int64

medium int64

appNames string[]

assetType string

Asset Type

cloudType string

Possible values: [ALL, AWS, AZURE, GCP, ALIBABA_CLOUD, OCI, IBM]

Cloud type

id string

Resource ID

name string

Resource name

overallPassed boolean

All policies passed

regionId string

Region ID

regionName string

Region Name

resourceConfigJsonAvailable boolean

Resource config JSON available

resourceDetailsAvailable boolean

Resource details available

rrn string

RRN

scannedPolicies object[]

Scanned policies

Array [

id string

labels string[]

name string

passed boolean

severity string

Possible values: [INFORMATIONAL, LOW, MEDIUM, HIGH, CRITICAL]

]

unifiedAssetId string

Asset Id

vulnerabilityStatus object

Count of vulnerabilities found by their severity

critical int64

high int64

low int64

medium int64

]

timestamp int64

Epoch timestamp

totalMatchedCount int64

Total number of filtered resources, both scanned and unscanned

{
  "nextPageToken": {
    "failedEventOffset": true,
    "lastRowIdx": 0,
    "limit": 0,
    "offset": 0,
    "previousTotalMatchedCount": 0,
    "timestamp": 0
  },
  "pageSize": 0,
  "resources": [
    {
      "accountId": "string",
      "accountName": "string",
      "alertStatus": {
        "critical": 0,
        "high": 0,
        "informational": 0,
        "low": 0,
        "medium": 0
      },
      "appNames": [
        "string"
      ],
      "assetType": "string",
      "cloudType": "ALL",
      "id": "string",
      "name": "string",
      "overallPassed": true,
      "regionId": "string",
      "regionName": "string",
      "resourceConfigJsonAvailable": true,
      "resourceDetailsAvailable": true,
      "rrn": "string",
      "scannedPolicies": [
        {
          "id": "string",
          "labels": [
            "string"
          ],
          "name": "string",
          "passed": true,
          "severity": "INFORMATIONAL"
        }
      ],
      "unifiedAssetId": "string",
      "vulnerabilityStatus": {
        "critical": 0,
        "high": 0,
        "low": 0,
        "medium": 0
      }
    }
  ],
  "timestamp": 0,
  "totalMatchedCount": 0
}

Resource Scan Info - GET