Table: prismacloud_inventory_asset_explorer - Explore Prisma Cloud assets using SQL
The Prisma Cloud asset explorer table in Steampipe provides you with comprehensive information about cloud assets within Prisma Cloud. This table allows you, as a security engineer or cloud administrator, to query asset-specific details, including account information, alert statuses, compliance standards, and vulnerability details. You can utilize this table to gather insights on cloud assets, such as compliance status, alert severity, and vulnerability counts. The schema outlines the various attributes of the Prisma Cloud assets for you.
Table Usage Guide
The prismacloud_inventory_asset_explorer table in Steampipe provides detailed information about cloud assets within Prisma Cloud. This table allows you to query details such as account ID, alert statuses, compliance standards, and vulnerability information, enabling you to manage and monitor your cloud assets effectively.
Important Notes
- For improved performance, it is recommended to use the optional qualifiers (quals) to limit the result set.
- Queries with optional qualifiers are optimized to use filters. The following columns support optional qualifiers:
account_namecloud_typecompliance_requirement_namecompliance_standard_nameregion_namescan_status
Examples
Basic info
Retrieve basic information about Prisma Cloud assets, such as account ID, account name, and asset type.
select account_id, account_name, asset_typefrom prismacloud_inventory_asset_explorer;select account_id, account_name, asset_typefrom prismacloud_inventory_asset_explorer;Get asset alert statuses
Get the count of alert statuses for each asset by severity level. This is useful for understanding the alert distribution across your assets.
select name, alert_status_critical, alert_status_high, alert_status_medium, alert_status_low, alert_status_informationalfrom prismacloud_inventory_asset_explorer;select name, alert_status_critical, alert_status_high, alert_status_medium, alert_status_low, alert_status_informationalfrom prismacloud_inventory_asset_explorer;Get compliance standard details of assets
Retrieve the compliance standard name and scan status for each asset. This helps in understanding the compliance posture and scan results of your assets.
select e.compliance_standard_name, s.policies_assigned_count, s.system_default, e.scan_statusfrom prismacloud_inventory_asset_explorer as e join prismacloud_compliance_standard as s on s.name = e.compliance_standard_name;select e.compliance_standard_name, s.policies_assigned_count, s.system_default, e.scan_statusfrom prismacloud_inventory_asset_explorer as e join prismacloud_compliance_standard as s on s.name = e.compliance_standard_name;Get vulnerability statuses of assets
Identify the number of vulnerabilities by severity level for each asset. This helps in assessing the impact of vulnerabilities on your assets.
select name, vulnerability_status_critical, vulnerability_status_high, vulnerability_status_medium, vulnerability_status_lowfrom prismacloud_inventory_asset_explorer;select name, vulnerability_status_critical, vulnerability_status_high, vulnerability_status_medium, vulnerability_status_lowfrom prismacloud_inventory_asset_explorer;Get assets overall passed resources
Get the list of resources that passed overall checks. This helps in identifying compliant and secure resources within your cloud environment.
select name, overall_passedfrom prismacloud_inventory_asset_explorerwhere overall_passed = true;select name, overall_passedfrom prismacloud_inventory_asset_explorerwhere overall_passed = 1;Schema for prismacloud_inventory_asset_explorer
| Name | Type | Operators | Description |
|---|---|---|---|
| _ctx | jsonb | Steampipe context in JSON form. | |
| account_id | text | The unique identifier for the account. | |
| account_name | text | = | The name of the account. |
| alert_status_critical | bigint | The critical alert status count. | |
| alert_status_high | bigint | The high alert status count. | |
| alert_status_informational | bigint | The informational alert status count. | |
| alert_status_low | bigint | The low alert status count. | |
| alert_status_medium | bigint | The medium alert status count. | |
| app_names | jsonb | The application names associated with the resource. | |
| asset_type | text | The type of the asset. | |
| cloud_type | text | = | The type of cloud (e.g., AWS, Azure, GCP). |
| compliance_requirement_name | text | = | The name of the compliance requirement. |
| compliance_standard_name | text | = | The name of the compliance standard. |
| text | =, !=, ~~, ~~*, !~~, !~~* | Email address of the current session user. | |
| id | text | The unique identifier for the resource. | |
| name | text | The name of the resource. | |
| overall_passed | boolean | Indicates if the resource passed overall checks. | |
| region_id | text | The ID of the region. | |
| region_name | text | = | The name of the region. |
| resource_config_json_available | boolean | Indicates if the resource config JSON is available. | |
| resource_details_available | boolean | Indicates if the resource details are available. | |
| rrn | text | The resource RRN. | |
| scan_status | text | = | The scan status. Possible values are: 'passed' or 'failed' |
| scanned_policies | jsonb | The policies that have been scanned for the resource. | |
| sp_connection_name | text | =, !=, ~~, ~~*, !~~, !~~* | Steampipe connection name. |
| sp_ctx | jsonb | Steampipe context in JSON form. | |
| timestamp | timestamp with time zone | The timestamp of the response. | |
| title | text | Title of the asset. | |
| unified_asset_id | text | The unified asset ID. | |
| vulnerability_status_critical | bigint | The critical vulnerability status count. | |
| vulnerability_status_high | bigint | The high vulnerability status count. | |
| vulnerability_status_low | bigint | The low vulnerability status count. | |
| vulnerability_status_medium | bigint | The medium vulnerability status count. |
Export
This table is available as a standalone Exporter CLI. Steampipe exporters are stand-alone binaries that allow you to extract data using Steampipe plugins without a database.
You can download the tarball for your platform from the Releases page, but it is simplest to install them with the steampipe_export_installer.sh script:
/bin/sh -c "$(curl -fsSL https://steampipe.io/install/export.sh)" -- prismacloudYou can pass the configuration to the command with the --config argument:
steampipe_export_prismacloud --config '<your_config>' prismacloud_inventory_asset_explorer