Table: prismacloud_inventory_api_endpoint - Query Prisma Cloud API endpoints using SQL
The Prisma Cloud API endpoint table in Steampipe provides you with comprehensive information about API endpoints within Prisma Cloud. This table allows you, as a security engineer or cloud administrator, to query API endpoint-specific details, including account information, API paths, HTTP methods, and risk factors. You can utilize this table to gather insights on API endpoints, such as discovery methods, inspection types, and usage statistics. The schema outlines the various attributes of the Prisma Cloud API endpoints for you.
Table Usage Guide
The prismacloud_inventory_api_endpoint
table in Steampipe provides detailed information about API endpoints within Prisma Cloud. This table allows you to query details such as account ID, API paths, HTTP methods, and risk factors, enabling you to manage and monitor your API endpoints effectively.
Examples
Basic info
Retrieve basic information about Prisma Cloud API endpoints, such as account ID, account name, and API path.
select account_id, account_name, api_pathfrom prismacloud_inventory_api_endpoint;
select account_id, account_name, api_pathfrom prismacloud_inventory_api_endpoint;
Get API endpoints HTTP methods and hits
Get the count of hits for each API endpoint by HTTP method. This is useful for understanding the usage patterns of your API endpoints.
select api_path, http_method, hitsfrom prismacloud_inventory_api_endpoint;
select api_path, http_method, hitsfrom prismacloud_inventory_api_endpoint;
Get API endpoints risk factors
Retrieve the risk factors associated with each API endpoint. This helps in assessing the security posture of your API endpoints.
select api_path, path_risk_factors ->> 'internetExposed' as internet_exposed, path_risk_factors -> 'owaspAPIAttacks' as owasp_api_attacks, path_risk_factors -> 'requestSensitiveData' as request_sensitive_data, path_risk_factors ->> 'requiresAuthentication' as requires_authentication, path_risk_factors -> 'responseSensitiveData' as response_sensitive_datafrom prismacloud_inventory_api_endpoint;
select api_path, json_extract(path_risk_factors, '$.internetExposed') as internet_exposed, json_extract(path_risk_factors, '$.owaspAPIAttacks') as owasp_api_attacks, json_extract(path_risk_factors, '$.requestSensitiveData') as request_sensitive_data, json_extract(path_risk_factors, '$.requiresAuthentication') as requires_authentication, json_extract(path_risk_factors, '$.responseSensitiveData') as response_sensitive_datafrom prismacloud_inventory_api_endpoint;
Discovery methods and inspection types
Identify the discovery methods and inspection types for each API endpoint. This helps in understanding how the endpoints were discovered and inspected.
select api_path, discovery_method, inspection_typefrom prismacloud_inventory_api_endpoint;
select api_path, discovery_method, inspection_typefrom prismacloud_inventory_api_endpoint;
Get API endpoint recent changes and observations
Get the timestamp of when each API endpoint was last changed and last observed. This helps in tracking the activity and updates of your API endpoints.
select api_path, last_changed, current_date - last_changed :: date as days_since_last_change, last_observed, current_date - last_observed :: date as days_since_last_observedfrom prismacloud_inventory_api_endpoint;
select api_path, last_changed, julianday('now') - julianday(last_changed) as days_since_last_change, last_observed, julianday('now') - julianday(last_observed) as days_since_last_observedfrom prismacloud_inventory_api_endpoint;
Schema for prismacloud_inventory_api_endpoint
Name | Type | Operators | Description |
---|---|---|---|
_ctx | jsonb | Steampipe context in JSON form. | |
account_id | text | The account ID. | |
account_name | text | The account name. | |
api_path | text | The API path. | |
api_server | text | The API server URL. | |
asset_id | text | The unique identifier for the asset. | |
cloud_type | text | The type of cloud. | |
count | bigint | The count of items. | |
discovery_method | text | The method of discovery. | |
text | =, !=, ~~, ~~*, !~~, !~~* | Email address of the current session user. | |
hits | bigint | The number of hits. | |
http_method | text | The HTTP method. | |
inspection_type | text | The type of inspection. | |
last_changed | timestamp with time zone | The timestamp when the asset was last changed. | |
last_observed | timestamp with time zone | The timestamp when the asset was last observed. | |
path_risk_factors | jsonb | The risk factors associated with the path. | |
region | text | The region of the asset. | |
service_name | text | The name of the service. | |
sp_connection_name | text | =, !=, ~~, ~~*, !~~, !~~* | Steampipe connection name. |
sp_ctx | jsonb | Steampipe context in JSON form. | |
title | text | Title of the asset. | |
total | bigint | The total number of items. | |
workloads | jsonb | The workloads associated with the asset. |
Export
This table is available as a standalone Exporter CLI. Steampipe exporters are stand-alone binaries that allow you to extract data using Steampipe plugins without a database.
You can download the tarball for your platform from the Releases page, but it is simplest to install them with the steampipe_export_installer.sh
script:
/bin/sh -c "$(curl -fsSL https://steampipe.io/install/export.sh)" -- prismacloud
You can pass the configuration to the command with the --config
argument:
steampipe_export_prismacloud --config '<your_config>' prismacloud_inventory_api_endpoint