Skip to main content

Alert Updated

Triggers a workflow on every update to a Prisma Cloud CSPM alert.

info

Automations based on this trigger will search for new events every 5 minutes.

Sample Event

{
    "id": "P-354",
    "status": "open",
    "reason": "NEW_ALERT",
    "firstSeen": 1667744215877,
    "lastSeen": 1667744215877,
    "alertTime": 1667744215877,
    "lastUpdated": 1667744492557,
    "policyId": "2378dbf4-b104-4bda-9b05-7417affbba3f",
    "saveSearchId": "8824de78-7e99-4ef2-9c3d-8110e12c7df7",
    "metadata": {
        "saveSearchId": "8824de78-7e99-4ef2-9c3d-8110e12c7df7"
    },
    "policy": {
        "policyId": "2378dbf4-b104-4bda-9b05-7417affbba3f",
        "policyType": "config",
        "systemDefault": true,
        "remediable": false
    },
    "alertRules": [],
    "history": [],
    "resource": {
        "rrn": "rrn::securityGroup:eu-west-1:714946255915:5dcff2d908a4e3172c81a4816e737799bffde199:sg-04c685117a1f1283d",
        "id": "sg-04c685117a1f1283d",
        "name": "default",
        "account": "AWS Account",
        "accountId": "714946255915",
        "cloudAccountGroups": [
            "Default Account Group"
        ],
        "region": "AWS Ireland",
        "regionId": "eu-west-1",
        "resourceType": "SECURITY_GROUP",
        "resourceApiName": "aws-ec2-describe-security-groups",
        "cloudServiceName": "Amazon VPC",
        "url": "https://console.aws.amazon.com/vpc/home?region=eu-west-1#securityGroups:filter=sg-04c685117a1f1283d",
        "data": {
            "description": "default VPC security group",
            "groupId": "sg-04c685117a1f1283d",
            "groupName": "default",
            "ipPermissions": [
                {
                    "ipRanges": [],
                    "prefixListIds": [],
                    "userIdGroupPairs": [
                        {
                            "groupId": "sg-04c685117a1f1283d",
                            "userId": "714946255915"
                        }
                    ],
                    "ipProtocol": "-1",
                    "ipv4Ranges": [],
                    "ipv6Ranges": []
                }
            ],
            "ipPermissionsEgress": [
                {
                    "ipRanges": [
                        "0.0.0.0/0"
                    ],
                    "prefixListIds": [],
                    "userIdGroupPairs": [],
                    "ipProtocol": "-1",
                    "ipv4Ranges": [
                        {
                            "cidrIp": "0.0.0.0/0"
                        }
                    ],
                    "ipv6Ranges": []
                }
            ],
            "isShared": false,
            "ownerId": "714946255915",
            "region": "eu-west-1",
            "tags": [],
            "vpcId": "vpc-068f42117500e156b"
        },
        "additionalInfo": {},
        "cloudType": "aws",
        "resourceTs": 1667744215208,
        "unifiedAssetId": "03b6296bb2bfa3de4d6fb18782d11807",
        "resourceConfigJsonAvailable": true,
        "resourceDetailsAvailable": true
    },
    "alertAdditionalInfo": {
        "scannerVersion": "CS_2.0"
    }
}