Prisma Cloud: Alert has its resource name "hidden_due_to_security_reasons"

Prisma Cloud: Alert has its resource name "hidden_due_to_security_reasons"

2060
Created On 12/18/22 15:07 PM - Last Modified 02/07/25 22:41 PM


Symptom


Alert ID/Entity has resource name "hidden_due_to_security_reasons".  

GUI Path: Alerts Overview > Excess login failures20230803.png

Environment


  • Prisma Cloud Enterprise 
  • Alerts 

Cause


The "HIDDEN_DUE_TO_SECURITY_REASONS" is coming from AWS CloudTrail events.
 

Resolution


AWS did this based on security consideration to avoid data leakage.
As a security best practice, AWS does not log the entered user name text when a sign-in failure is caused by an incorrect user name.
The user name text is masked by the value “HIDDEN_DUE_TO_SECURITY_REASONS”.

 

Additional Information


 For more information, see the Amazon AWS “CloudTrail userIdentity Element” article here
Other users also viewed:
Actions
  • Print
  • Copy Link

    https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA14u000000saBICAY&lang=en_US&refURL=http%3A%2F%2Fknowledgebase.paloaltonetworks.com%2FKCSArticleDetail&refURL=http%3A%2F%2Fknowledgebase.paloaltonetworks.com%2FKCSArticleDetail