Table: prismacloud_compliance_breakdown_statistic - Query Prisma Cloud compliance breakdown statistics using SQL

The Prisma Cloud compliance breakdown statistic table in Steampipe provides you with detailed information about the compliance status of resources within Prisma Cloud. This table allows security engineers and cloud administrators to query compliance-specific details, including the number of resources that have passed or failed compliance checks, categorized by severity levels. The schema outlines various attributes, such as account information, cloud type, compliance standard, and the number of resources with different compliance statuses.

Table Usage Guide

The prismacloud_compliance_breakdown_statistic table in Steampipe provides information about the compliance status of resources within Prisma Cloud. This table allows you to query details such as the number of resources that have passed or failed compliance checks, categorized by severity levels. This helps in managing and monitoring the compliance status of your cloud resources effectively.

Important Notes

For improved performance, it is recommended to use the optional qualifiers (quals) to limit the result set.
Queries with optional qualifiers are optimized to use filters. The following columns support optional qualifiers:
- account_name
- cloud_type
- cloud_region
- policy_compliance_standard_name
- policy_compliance_requirement_name
- policy_compliance_section_id

Examples

Basic info

Retrieve a basic summary of compliance breakdown, including the number of failed and passed resources.

select
  account_name,
  cloud_type,
  failed_resources,
  passed_resources,
  total_resources
from
  prismacloud_compliance_breakdown_statistic;

select
  account_name,
  cloud_type,
  failed_resources,
  passed_resources,
  total_resources
from
  prismacloud_compliance_breakdown_statistic;

List high severity failed resources

Retrieve the breakdown of high severity failed resources and order by the number of high severity failed resources. This helps in identifying the areas with the most critical compliance issues.

select
  account_name,
  cloud_type,
  high_severity_failed_resources
from
  prismacloud_compliance_breakdown_statistic
order by
  high_severity_failed_resources desc;

select
  account_name,
  cloud_type,
  high_severity_failed_resources
from
  prismacloud_compliance_breakdown_statistic
order by
  high_severity_failed_resources desc;

List breakdown statistics group by account and cloud type

Retrieve a summary of compliance breakdown grouped by account name and cloud type. This query helps you to understand the compliance status of resources across different accounts and cloud environments.

select
  account_name,
  cloud_type,
  sum(critical_severity_failed_resources) as critical_failed_resources,
  sum(high_severity_failed_resources) as high_failed_resources,
  sum(medium_severity_failed_resources) as medium_failed_resources,
  sum(low_severity_failed_resources) as low_failed_resources,
  sum(informational_severity_failed_resources) as informational_failed_resources,
  sum(passed_resources) as passed_resources,
  sum(total_resources) as total_resources
from
  prismacloud_compliance_breakdown_statistic
group by
  account_name,
  cloud_type;

select
  account_name,
  cloud_type,
  sum(critical_severity_failed_resources) as critical_failed_resources,
  sum(high_severity_failed_resources) as high_failed_resources,
  sum(medium_severity_failed_resources) as medium_failed_resources,
  sum(low_severity_failed_resources) as low_failed_resources,
  sum(informational_severity_failed_resources) as informational_failed_resources,
  sum(passed_resources) as passed_resources,
  sum(total_resources) as total_resources
from
  prismacloud_compliance_breakdown_statistic
group by
  account_name,
  cloud_type;

Get breakdown statistics for compliance standard and requirement

Retrieve detailed compliance breakdown statistics by joining with the compliance standard and requirement tables. This query helps you to get a comprehensive view of the compliance status of resources, including the associated compliance standards and requirements.

select
  r.compliance_id as standard_id,
  r.name as requirement_name,
  b.account_name,
  b.cloud_type,
  b.failed_resources,
  b.passed_resources,
  b.total_resources
from
  prismacloud_compliance_breakdown_statistic as b
  join prismacloud_compliance_requirement as r on b.policy_compliance_requirement_name = r.name;

select
  r.compliance_id as standard_id,
  r.name as requirement_name,
  b.account_name,
  b.cloud_type,
  b.failed_resources,
  b.passed_resources,
  b.total_resources
from
  prismacloud_compliance_breakdown_statistic as b
  join prismacloud_compliance_requirement as r on b.policy_compliance_requirement_name = r.name;

Schema for prismacloud_compliance_breakdown_statistic

Name	Type	Operators	Description
_ctx	jsonb		Steampipe context in JSON form.
account_id	text		The unique identifier for the account.
account_name	text	=	The unique identifier for the account.
assigned_policies	bigint		Number of policies assigned to the Compliance Standard/Requirement/Section.
cloud_region	text	=	The region of the cloud where the resource is located.
cloud_type	text	=	The type of cloud (e.g., AWS, Azure, GCP).
critical_severity_failed_resources	bigint		Number of Compliance Standard/Requirement/Section scanned resources failing critical severity policies.
default	boolean		Indicates if it is a system default.
description	text		Description of the Compliance Standard/Requirement/Section.
email	text	=, !=, ~~, ~~, !~~, !~~	Email address of the current session user.
failed_resources	bigint		Number of failing Compliance Standard/Requirement/Section scanned resources.
high_severity_failed_resources	bigint		Number of Compliance Standard/Requirement/Section scanned resources failing high severity policies.
id	text		ID of the Compliance Standard/Requirement/Section.
informational_severity_failed_resources	bigint		Number of Compliance Standard/Requirement/Section scanned resources failing informational severity policies.
low_severity_failed_resources	bigint		Number of Compliance Standard/Requirement/Section scanned resources failing low severity policies.
medium_severity_failed_resources	bigint		Number of Compliance Standard/Requirement/Section scanned resources failing medium severity policies.
name	text		Name of the Compliance Standard/Requirement/Section.
passed_resources	bigint		Number of passing Compliance Standard/Requirement/Section scanned resources.
policy_compliance_requirement_name	text	=	The name of the compliance requirement associated with the policy.
policy_compliance_section_id	text	=	The ID of the compliance section associated with the policy.
policy_compliance_standard_name	text	=	The name of the compliance standard associated with the policy.
sp_connection_name	text	=, !=, ~~, ~~, !~~, !~~	Steampipe connection name.
sp_ctx	jsonb		Steampipe context in JSON form.
title	text		Title of the compliance posture.
total_resources	bigint		Total number of Compliance Standard/Requirement/Section scanned resources.

Export

This table is available as a standalone Exporter CLI. Steampipe exporters are stand-alone binaries that allow you to extract data using Steampipe plugins without a database.

You can download the tarball for your platform from the Releases page, but it is simplest to install them with the steampipe_export_installer.sh script:

/bin/sh -c "$(curl -fsSL https://steampipe.io/install/export.sh)" -- prismacloud

You can pass the configuration to the command with the --config argument:

steampipe_export_prismacloud --config '<your_config>' prismacloud_compliance_breakdown_statistic