Prisma Cloud Build Policies not being filtered in Alert Rules

Prisma Cloud Build Policies not being filtered in Alert Rules

1871
Created On 04/30/23 09:08 AM - Last Modified 02/10/25 21:58 PM


Symptom


  • Prisma Cloud Build Policies not being filtered in Alert Rules
  • After creating Custom Compliance Standard and adding Policies to it, Alert Rule filtering only shows 'Run' Subtype Policies

Environment


  • Prisma Cloud Enterprise Edition (SaaS)
  • Alert rules

Cause


  • We don't support 'Build' Policy Alert Rules at this time

Resolution


  • This is expected behaviour as per current Product design
  • Build Policies will appear for Build Alert Rules - This feature is in Development Phase with no ETA at this time
Note : Build Phase Policies do not support Remediation CLI and hence we need to add the instructions for manually fixing the issue in the Recommendation for Remediation : Create a Custom Policy

Additional Information


Example
  • Compliance Standard 'test' created and assigned to 3 Config Policies
GUI: Compliance Overview > Select Standard 
  • Two of the Assigned Policies are of Type 'Run' while 1 is of Type 'Build'
GUI: Policies 
image
  • However, while assigning Policies to an Alert Rule filtered by this Compliance Standard,  only 'Run' Type Policies are showing up which confirms this behavior
GUI: Alerts > Alert Rules > Add Alert Rule > Assign Policies
Other users also viewed:
Actions
  • Print
  • Copy Link

    https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA14u000000g1dHCAQ&refURL=http%3A%2F%2Fknowledgebase.paloaltonetworks.com%2FKCSArticleDetail