turbot/prismacloud
steampipe plugin install prismacloud

Table: prismacloud_inventory_workload - Query Prisma Cloud workloads using SQL

The Prisma Cloud workload table in Steampipe provides you with comprehensive information about workloads within Prisma Cloud. This table allows you, as a security engineer or cloud administrator, to query workload-specific details, including container images, cloud providers, hosts, and their vulnerability status. You can utilize this table to gather insights on workloads, such as their stages, cloud providers, and vulnerabilities. The schema outlines the various attributes of the Prisma Cloud workloads for you, including the number of container images and hosts, and their respective vulnerability statuses.

Table Usage Guide

The prismacloud_inventory_workload table in Steampipe provides detailed information about workloads within Prisma Cloud. This table allows you to query details such as the number of container images in different stages, cloud providers, hosts, and their vulnerability status, enabling you to manage and monitor your workloads effectively.

Examples

Basic Info

Retrieve basic information about Prisma Cloud workloads, such as the number of container images and hosts. This query helps you understand the overall configuration and status of your workloads.

select
container_images_build,
container_images_deploy,
container_images_run,
hosts_total
from
prismacloud_inventory_workload;
select
container_images_build,
container_images_deploy,
container_images_run,
hosts_total
from
prismacloud_inventory_workload;

Get host cloud providers

Get a list of cloud providers associated with container images. This is useful for understanding which cloud providers are being used for container images.

select
container_images_cloud_providers,
hosts_cloud_providers
from
prismacloud_inventory_workload;
select
container_images_cloud_providers,
hosts_cloud_providers
from
prismacloud_inventory_workload;

Vulnerable container images and hosts

Identify the number of vulnerable container images and hosts. This helps in assessing the security posture of your workloads.

select
container_images_vulnerable,
hosts_vulnerable
from
prismacloud_inventory_workload;
select
container_images_vulnerable,
hosts_vulnerable
from
prismacloud_inventory_workload;

Schema for prismacloud_inventory_workload

NameTypeOperatorsDescription
_ctxjsonbSteampipe context in JSON form.
container_images_buildbigintNumber of container images in the build stage.
container_images_cloud_providersjsonbCloud providers for container images.
container_images_deploybigintNumber of container images in the deploy stage.
container_images_runbigintNumber of container images in the run stage.
container_images_vulnerablebigintNumber of vulnerable container images.
emailtext=, !=, ~~, ~~*, !~~, !~~*Email address of the current session user.
hosts_cloud_providersjsonbCloud providers for hosts.
hosts_totalbigintTotal number of hosts.
hosts_vulnerablebigintNumber of vulnerable hosts.
sp_connection_nametext=, !=, ~~, ~~*, !~~, !~~*Steampipe connection name.
sp_ctxjsonbSteampipe context in JSON form.

Export

This table is available as a standalone Exporter CLI. Steampipe exporters are stand-alone binaries that allow you to extract data using Steampipe plugins without a database.

You can download the tarball for your platform from the Releases page, but it is simplest to install them with the steampipe_export_installer.sh script:

/bin/sh -c "$(curl -fsSL https://steampipe.io/install/export.sh)" -- prismacloud

You can pass the configuration to the command with the --config argument:

steampipe_export_prismacloud --config '<your_config>' prismacloud_inventory_workload