Registry Image not being scanned in Prisma Cloud with Error "failed to scan image failed to augment data: API error (500): The container operating system does not match the host operating system"

• Registry Image not being scanned in Prisma Cloud with Error "failed to scan image failed to augment data: API error (500): The container operating system does not match the host operating system"
• The following Error is seen in Defender Logs:

ERRO YYYY-MM-DDT scanner.go:114 failed to scan image failed to augment data: API error (500): CreateComputeSystem..: The container operating system does not match the host operating system

• Prisma Cloud Compute
• Windows

• Windows requires the Host OS version to match the Container OS version
• If they do not match, you may run into this error:

failed to scan image failed to augment data: API error (500): CreateComputeSystem..: The container operating system does not match the host operating system

• Ensure the Container OS version matches the Host OS version where Defender is running : https://learn.microsoft.com/en-us/virtualization/windowscontainers/deploy-containers/version-compatibility?tabs=windows-server-2022%2Cwindows-11
• For example, Defender running on Windows Server 1803 can scan nanoserver:1803, but it can’t scan nanoserver:1809

• It is worth noting that if you have your Images stored in Microsoft's new Container Registry (mcr.microsoft.com) for a specific version (1809), this is compatible with Windows Server 2019.
• The Repository can be pulled using:

docker pull mcr.microsoft.com/windows/servercore:1809
docker pull mcr.microsoft.com/windows/nanoserver:1809

Note : To deploy Defender on Windows, you’ll copy a PowerShell script from the Prisma Cloud Console and run it on the host where you want to install Defender. Meanwhile, Nanoserver no longer has Power-Shell in its base image. 

https://stackoverflow.com/questions/55637682/pulling-a-windows-image-for-docker-on-windows-server-2019-has-os-compatibility-i 

API error 500 (observed with this issue) typically indicates an internal server error that occurred on the server-side while scanning images for vulnerabilities. There could be several reasons why this error occurred, including:

• Resource limitations: The Windows server may be experiencing resource limitations, such as insufficient memory or CPU usage, which can cause the server to crash or become unresponsive
• Network connectivity issues: Connectivity issues between the server and the API service can cause errors while scanning images for vulnerabilities
• Authentication issues: If the API service requires authentication, there may be issues with the authentication process, such as expired tokens or incorrect credentials
• API service issues: There may be issues with the API service itself, such as bugs or errors in the code or infrastructure issues
• Image size: The size of the image being scanned can also cause errors. If the image is too large or complex, it may cause the server to crash or become unresponsive

Hence, it may also be necessary to check the Windows Logs to determine the specific cause of the error and take appropriate actions to resolve it.

• Defender on Windows
• System Requirements
• Prisma Cloud Compute : Registry Images not being scanned by Defenders with Error "failed to find supported manifest"