Skip to main content

Welcome to the Aggregate Monitoring APIs

Welcome to the Aggregate Monitoring APIs. These APIs are available to customers that utilize Cloud Management for service onboarding, configuration, and operations.

After you create a tenant service group, create a service account, and obtain an access token, you can use the Aggregate Monitoring API Reference to discover how to perform aggregated monitoring queries for the following resources:

  • Data Resource API: retrieve aggregated summaries and counts across all your tenants of a Prisma Access instance for threats, alerts, risky applications, URLs, and connectivity status.
  • Insights Resource API: retrieve an aggregated list of insights, such as all upgrade statuses across tenants.
  • License Resource API: retrieve aggregated lists across Prisma Access tenants for license quotas, setup status, and utilization.
  • Tenant Resources API: list all Prisma Access tenants in the hierarchy.

The monitoring functionality exposed by these APIs can also be performed using the Prisma SASE Platform's Multitentant Portal user interface.


See the Prisma SASE API Get Started for information about base URLs, authentication, and obtaining access tokens.

API Requests

Send all API requests to the base URL plus the path and parameter of /mt/monitor/v1/agg/<path>?<query_parameter>.

For example, using curl:

curl -X POST "" \
-H 'accept: application/json' \
-H "Authorization: Bearer <ACCESS_TOKEN>" \
-H "Content-Type: application/json" \
-H "X-PANW-Region: de" \
-d '{"properties":[{"property":"sub_tenant_id"},{"property":"total_count"}],"filter":{"operator":"AND","rules":[{"property":"domain","operator":"in","values":["External","external"]},{"property":"event_time","operator":"last_n_days","values":[7]}]}}'

Depending on the query and the query parameter, there are also query filters and properties that you need to use in the request body.

This API requires the x-panw-region header. See About x-panw-region for usage information.