Table: prismacloud_vulnerabilitiy_overview - Query Prisma Cloud Vulnerability Overview using SQL
The Prisma Cloud vulnerability overview table in Steampipe provides a comprehensive view of vulnerabilities in runtime assets. This table allows security engineers and cloud administrators to query the total number of vulnerabilities, the number of remediated vulnerabilities, and other key metrics. The schema outlines various attributes related to the vulnerability overview, helping users to monitor and manage vulnerabilities effectively.
Table Usage Guide
The prismacloud_vulnerabilitiy_overview
table in Steampipe provides information about the vulnerability overview in runtime assets within Prisma Cloud. This table allows you to query details such as the total number of vulnerabilities, remediated vulnerabilities, and more, enabling you to manage and monitor your cloud resources effectively.
Important Notes
- To query this table you need
vulnerabilityDashboard
feature withView
permission to access this endpoint. Verify if your permission group includes this feature using the Get Permission Group by ID endpoint. You can also check this in the Prisma Cloud console by ensuring that Dashboard > Vulnerability is enabled.
Examples
Basic info
Retrieve basic information about the vulnerability overview, including the total number of vulnerabilities in runtime assets.
select total_vulnerable_runtime_assets, total_vulnerabilitiesin_runtime, total_remediated_in_runtimefrom prismacloud_vulnerabilitiy_overview;
select total_vulnerable_runtime_assets, total_vulnerabilitiesin_runtime, total_remediated_in_runtimefrom prismacloud_vulnerabilitiy_overview;
Get vulnerability overview
Retrieve detailed information about vulnerabilities, including the breakdown of vulnerabilities by severity levels and remediated vulnerabilities.
select jsonb_pretty(total_vulnerable_runtime_assets) as total_vulnerable_runtime_assets, jsonb_pretty(total_vulnerabilitiesin_runtime) as total_vulnerabilitiesin_runtime, jsonb_pretty(total_remediated_in_runtime) as total_remediated_in_runtime, jsonb_pretty( values ) asvaluesfrom prismacloud_vulnerabilitiy_overview;
select json(total_vulnerable_runtime_assets) as total_vulnerable_runtime_assets, json(total_vulnerabilitiesin_runtime) as total_vulnerabilitiesin_runtime, json(total_remediated_in_runtime) as total_remediated_in_runtime, json( values ) asvaluesfrom prismacloud_vulnerabilitiy_overview;
Get runtime vulnerabilities details
Retrieve the total number of vulnerabilities grouped by severity levels, helping in understanding the distribution of vulnerabilities.
select total_vulnerabilitiesin_runtime ->> 'criticalCount' as critical_count, total_vulnerabilitiesin_runtime ->> 'highCount' as high_count, total_vulnerabilitiesin_runtime ->> 'mediumCount' as medium_count, total_vulnerabilitiesin_runtime ->> 'lowCount' as low_countfrom prismacloud_vulnerabilitiy_overview;
select json_extract( total_vulnerabilitiesin_runtime, '$.criticalCount' ) as critical_count, json_extract(total_vulnerabilitiesin_runtime, '$.highCount') as high_count, json_extract(total_vulnerabilitiesin_runtime, '$.mediumCount') as medium_count, json_extract(total_vulnerabilitiesin_runtime, '$.lowCount') as low_countfrom prismacloud_vulnerabilitiy_overview;
Get remediated vulnerabilities
Retrieve the total number of remediated vulnerabilities, helping in tracking remediation efforts.
select total_remediated_in_runtime ->> 'totalCount' as total_remediatedfrom prismacloud_vulnerabilitiy_overview;
select json_extract(total_remediated_in_runtime, '$.totalCount') as total_remediatedfrom prismacloud_vulnerabilitiy_overview;
Schema for prismacloud_vulnerabilitiy_overview
Name | Type | Operators | Description |
---|---|---|---|
_ctx | jsonb | Steampipe context in JSON form. | |
text | =, !=, ~~, ~~*, !~~, !~~* | Email address of the current session user. | |
sp_connection_name | text | =, !=, ~~, ~~*, !~~, !~~* | Steampipe connection name. |
sp_ctx | jsonb | Steampipe context in JSON form. | |
total_remediated_in_runtime | jsonb | The total number of vulnerabilities that have been remediated in runtime. | |
total_vulnerabilitiesin_runtime | jsonb | The total number of vulnerabilities identified in runtime. | |
total_vulnerable_runtime_assets | jsonb | The total number of runtime assets that are vulnerable. | |
values | jsonb | Additional details related to the vulnerability overview. |
Export
This table is available as a standalone Exporter CLI. Steampipe exporters are stand-alone binaries that allow you to extract data using Steampipe plugins without a database.
You can download the tarball for your platform from the Releases page, but it is simplest to install them with the steampipe_export_installer.sh
script:
/bin/sh -c "$(curl -fsSL https://steampipe.io/install/export.sh)" -- prismacloud
You can pass the configuration to the command with the --config
argument:
steampipe_export_prismacloud --config '<your_config>' prismacloud_vulnerabilitiy_overview