Update Custom Rule
PUT/api/v32.04/custom-rules/:id
x-prisma-cloud-target-env: {"permission":"policyCustomRules","saas":true,"self-hosted":true}
x-public: true
UpdateCustomRule creates/edits a custom rule
Request
Path Parameters
- application/json
Body
Rule ID. Must be unique.
Possible values: [exploitationForPrivilegeEscalation,exploitPublicFacingApplication,applicationExploitRCE,networkServiceScanning,endpointDenialOfService,exfiltrationGeneral,systemNetworkConfigurationDiscovery,unsecuredCredentials,credentialDumping,systemInformationDiscovery,systemNetworkConnectionDiscovery,systemUserDiscovery,accountDiscovery,cloudInstanceMetadataAPI,accessKubeletMainAPI,queryKubeletReadonlyAPI,accessKubernetesAPIServer,softwareDeploymentTools,ingressToolTransfer,lateralToolTransfer,commandAndControlGeneral,resourceHijacking,manInTheMiddle,nativeBinaryExecution,foreignBinaryExecution,createAccount,accountManipulation,abuseElevationControlMechanisms,supplyChainCompromise,obfuscatedFiles,hijackExecutionFlow,impairDefences,scheduledTaskJob,exploitationOfRemoteServices,eventTriggeredExecution,accountAccessRemoval,privilegedContainer,writableVolumes,execIntoContainer,softwareDiscovery,createContainer,kubernetesSecrets,fileAndDirectoryDiscovery,masquerading,webShell,compileAfterDelivery]
List of attack techniques.
Description of the rule.
Macro that is printed as part of the audit/incident message.
Minimum version required to support the rule.
Datetime when the rule was created or last modified.
Name of the rule.
User who created or modified the rule.
Custom script.
Possible values: [processes,filesystem,network-outgoing,kubernetes-audit,waas-request,waas-response]
Type is the type of the custom rule
VulnIDs is the list of vulnerability IDs
Responses
- 200
- default
OK