Prisma Cloud: Generating Spreadsheet For Alerts Through Prisma Cloud APIs

• Prisma Cloud CSPM
• API (Application Programming Interface)
• Postman

1. Make sure you’re logged in and have access to your tenant. You’ll use the Login Generate Token call in the Prisma Cloud Collection.

Note:  200 OK status code confirms a successful login attempt and tenant connection
 

2. Submit a CSV job by using the Submit Alert CSV Generation Job call.

• To implement filters for your alerts, add them to the body of your payload as shown in the screenshot above

3. Get the Job ID from the response of the Submit Alert CSV Generation Job call.

4. Use the Job ID from the response of the previous API call in the GET https://{{api-endpoint}}/alert/csv/jobId/status.

5. Run the previous call again until you see the status in the response change to "READY_TO_DOWNLOAD."

6. Run the GET https://{{api-endpoint}}/alert/csv/jobId/download

7. Click on Save Response > Save to a file to download all the alerts in spreadsheet.

8. Open the downloaded spreadsheet.

Accessing Prisma Cloud Through API Calls

For you to be able to call Prisma Cloud APIs, you’ll need to have your access keys generated. To generate an access key for yourself please follow these steps. Two popular ways to call APIs are Postman and cURL. This documentation will mostly talk about Postman. Please go through these steps to generate JSON Web Tokens (JWT) in Prisma Cloud.

Setting Up Postman

Prisma Cloud CSPM has a Github repository with a collection of not all but most API calls that you can use. This repository also contains instructions for setting up Postman.

Note: some calls in this collection might be incomplete. For these incomplete calls, please refer to our API documentation for Prisma Cloud CSPM.