Get Policy - BlinkOps Documentation

Parameters
Example Output
Workflow Library Example

Get details about a single LQL policy.

External DocumentationTo learn more, visit the Lacework documentation.

Parameters

Parameter	Description
Policy ID	The ID if the policy to get details of. Can be retrieved from the ‘List Policies’ action.

Example Output

{
  "data": {
    "evaluatorId": "Cloudtrail",
    "policyId": "lacework...",
    "policyType": "Violation",
    "queryId": "LW_Custom_AWS_CTA_AuroraPasswordChange",
    "queryText": "LW_Custom_AWS_CTA_AuroraPasswordChange { SOURCE { CloudTrailRawEvents } FILTER ...",
    "title": "Cloudtrail Policy 2",
    "enabled": false,
    "description": "Cloudtrail Policy 2",
    "remediation": "Policy remediation 2",
    "severity": "medium",
    "limit": 100,
    "evalFrequency": "Hourly",
    "alertEnabled": true,
    "alertProfile": "LW_CloudTrail_Alerts.CloudTrailDefaultAlert_AwsResource",
    "owner": "user@example.com",
    "lastUpdateTime": "2022-10-03T16:23:38.915Z",
    "lastUpdateUser": "user@example.com",
    "tags": [
      "domain:Host",
      "subdomain:Container"
    ]
  }
}ExecuteQueries

Workflow Library Example

Get Policy with Lacework and Send Results Via Email

Preview this Workflow on desktop

Get Data Source Detail Get Query Details

⌘I

Integrations

​Parameters

​Example Output

​Workflow Library Example

Parameters

Example Output

Workflow Library Example