Skip to main content

Add Global Scan Settings

POST 

/api/v33.01/settings/scan

x-prisma-cloud-target-env: {"permission":"systemOperations"}

Configures the Prisma Cloud Compute scanner settings.

For more information, see Configure Scanning.

cURL Request

Refer to the following example cURL request that configures the following scan intervals:

  • Scan registries and serverless functions once per week.
  • Scan images, containers, and hosts once per day.
$ curl -k \
-u <USER> \
-H 'Content-Type: application/json' \
-X POST \
-d \
'{
"imagesScanPeriodMs":86400000,
"containersScanPeriodMs": 86400000,
"systemScanPeriodMs": 86400000,
"serverlessScanPeriodMs": 604800000,
"registryScanPeriodMs":604800000
}' \
"https://<CONSOLE>/api/v<VERSION>/settings/scan"

Request

Body

    agentlessScanPeriodMs int64

    AgentlessScanPeriodMS is the agentless scan period in ms - validated for minimum 1 hour or disabled with zero.

    cloudPlatformsScanPeriodMs int64

    CloudPlatformsScanPeriodMS is the cloud platforms scan period in ms - validated for minimum 1 hour or disabled with zero.

    containersScanPeriodMs int64

    ContainersScanPeriodMS is the container scan period in ms - validated for minimum 1 hour or disabled with zero.

    extractArchive boolean

    ExtractArchive indicates whether to search within archive during scan is enabled.

    imagesScanPeriodMs int64

    ImageScanPeriodMS is the image scan period in ms - validated for minimum 1 hour or disabled with zero.

    includeJsDependencies boolean

    IncludeJsDependencies indicates whether to include packages from the "dependencies".

    registryScanPeriodMs int64

    RegistryScanPeriodMS is the registry scan period in ms - validated for minimum 1 hour or disabled with zero.

    registryScanRetentionDays integer

    RegistryScanRetentionDays is the number of days to keep deleted registry images.

    scanRunningImages boolean

    ScanRunningImages indicates only images that are used by containers should be used.

    serverlessScanPeriodMs int64

    ServerlessScanPeriodMS is the serverless vulnerability scan period in ms - validated for minimum 1 hour or disabled with zero.

    showInfraContainers boolean

    ShowInfraContainers indicates infra containers should be shown.

    showNegligibleVulnerabilities boolean

    ShowNegligibleVulnerabilities indicates whether to display negligible vulnerabilities (low severity or will not be fixed).

    systemScanPeriodMs int64

    SystemScanPeriodMS is the host scan period in ms - validated for minimum 1 hour or disabled with zero.

    tasDropletsScanPeriodMs int64

    TASDropletsScanPeriodMS is the TAS scan period in ms - validated for minimum 1 hour or disabled with zero.

    vmScanPeriodMs int64

    VMScanPeriodMS is the VM image scan period in ms - validated for minimum 1 hour or disabled with zero.

Responses

OK

Loading...