turbot/prismacloud
steampipe plugin install prismacloud

Table: prismacloud_inventory_workload_container_image - Query Prisma Cloud container images using SQL

The Prisma Cloud container image table in Steampipe provides you with comprehensive information about container images within workloads in Prisma Cloud. This table allows you, as a security engineer or cloud administrator, to query container image-specific details, including their name, related images, running containers, scan status, and vulnerability details. You can utilize this table to gather insights on container images, such as their stages, scan results, and vulnerability funnel details. The schema outlines the various attributes of the Prisma Cloud container images for you.

Table Usage Guide

The prismacloud_inventory_workload_container_image table in Steampipe provides detailed information about container images within Prisma Cloud workloads. This table allows you to query details such as the container image's name, related images, running containers, scan status, and vulnerability funnel details, enabling you to manage and monitor your container images effectively.

Examples

Basic Info

Retrieve basic information about Prisma Cloud container images, such as their names and the number of related images. This query helps you understand the overall configuration and status of your container images.

select
  name,
  related_images
from
  prismacloud_inventory_workload_container_image;

Running containers of workload container images

Get the number of running containers for each container image. This is useful for understanding the deployment status of your container images.

select
  name,
  running_containers
from
  prismacloud_inventory_workload_container_image;

Get scan status of workload container images

Identify whether the scan passed for each container image. This helps in assessing the security posture of your container images.

select
  name,
  scan_passed
from
  prismacloud_inventory_workload_container_image;

Running container counts for non-base images

Get the number of running containers for each non-base container image. This query helps in understanding the deployment status of your non-base container images.

select
  name,
  running_containers
from
  prismacloud_inventory_workload_container_image
where
  base = false;

Vulnerability funnel details

Get the vulnerability funnel details for each container image, including the total number of vulnerabilities, urgent vulnerabilities, patchable vulnerabilities, exploitable vulnerabilities, and vulnerabilities in packages currently in use.

Postgres:

select
  name,
  vuln_funnel ->> 'total' as total,
  vuln_funnel ->> 'urgent' as urgent,
  vuln_funnel ->> 'patchable' as patchable,
  vuln_funnel ->> 'exploitable' as exploitable,
  vuln_funnel ->> 'packageInUse' as package_in_use
from
  prismacloud_inventory_workload_container_image;

SQLite:

select
  name,
  json_extract(vuln_funnel, '$.total') as total,
  json_extract(vuln_funnel, '$.urgent') as urgent,
  json_extract(vuln_funnel, '$.patchable') as patchable,
  json_extract(vuln_funnel, '$.exploitable') as exploitable,
  json_extract(vuln_funnel, '$.packageInUse') as package_in_use
from
  prismacloud_inventory_workload_container_image;
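
The queries above can be combined into a remediation shortlist. The following is an added example, not part of the plugin's own documentation: it uses Postgres syntax and assumes the vuln_funnel keys shown above hold integer counts.

```sql
-- Added example: rank deployed, non-base images for remediation.
-- Assumption: each vuln_funnel key holds an integer count; a missing key is treated as 0.
with funnel as (
  select
    name,
    running_containers,
    scan_passed,
    coalesce((vuln_funnel ->> 'total')::bigint, 0) as total,
    coalesce((vuln_funnel ->> 'urgent')::bigint, 0) as urgent,
    coalesce((vuln_funnel ->> 'patchable')::bigint, 0) as patchable,
    coalesce((vuln_funnel ->> 'exploitable')::bigint, 0) as exploitable,
    coalesce((vuln_funnel ->> 'packageInUse')::bigint, 0) as package_in_use
  from
    prismacloud_inventory_workload_container_image
  where
    base = false              -- skip base images, as in the non-base example above
    and running_containers > 0 -- only images that are actually deployed
)
select
  name,
  running_containers,
  scan_passed,
  exploitable,
  package_in_use,
  urgent,
  patchable,
  total
from
  funnel
where
  scan_passed is not true     -- failed scans; also matches NULL (no scan result)
  or exploitable > 0
  or package_in_use > 0
order by
  exploitable desc,
  package_in_use desc,
  urgent desc,
  running_containers desc;
```

The patchable column is kept in the output so that images near the top of the list with a non-zero patchable count can be scheduled for a rebuild first.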

Schema for prismacloud_inventory_workload_container_image

| Name | Type | Operators | Description |
|---|---|---|---|
| _ctx | jsonb | | Steampipe context in JSON form. |
| base | boolean | | Indicates if the image is a base image. |
| email | text | `=`, `!=`, `~~`, `~~*`, `!~~`, `!~~*` | Email address of the current session user. |
| name | text | | The name of the container image. |
| related_images | bigint | | The number of related images. |
| running_containers | bigint | | The number of running containers. |
| scan_passed | boolean | | Indicates if the scan passed. |
| sp_connection_name | text | `=`, `!=`, `~~`, `~~*`, `!~~`, `!~~*` | Steampipe connection name. |
| sp_ctx | jsonb | | Steampipe context in JSON form. |
| stages | jsonb | | The stages of the container image. |
| uai_id | text | | The unique identifier of the UAI. |
| vuln_funnel | jsonb | | The vulnerability funnel details. |

Export

This table is available as a standalone Exporter CLI. Steampipe exporters are stand-alone binaries that allow you to extract data using Steampipe plugins without a database.

You can download the tarball for your platform from the Releases page, but it is simplest to install them with the steampipe_export_installer.sh script:

/bin/sh -c "$(curl -fsSL https://steampipe.io/install/export.sh)" -- prismacloud

You can pass the configuration to the command with the --config argument:

steampipe_export_prismacloud --config '<your_config>' prismacloud_inventory_workload_container_image