External DocumentationTo learn more, visit the Prisma Cloud CWP documentation.
Basic Parameters
| Parameter | Description |
|---|---|
| Hostname | A comma-separated list of hostnames to filter by. |
| Image IDs | A comma-separated list of image IDs to filter by. |
| Limit | The maximum number of items to return from a collection. |
| Offset | The offset of the first item to return from a collection. |
| Reverse | Select to sort the results in reverse order. |
| Sort By | Sort the results using a key. |
Advanced Parameters
| Parameter | Description |
|---|---|
| App Embedded Defender | Select to filter results based on whether the images have been scanned by App-Embedded Defenders. |
| Cluster Names | A comma-separated list of cluster names to filter by. |
| Compact Image Data | Select to return the minimal image data. If selected information about vulnerabilities, compliance and extended image metadata are skipped. |
| Compliance IDs | A comma-separated list of compliance IDs to filter by. |
| Compliance Rule Name | The compliance rule name to filter by. |
| Fields to Retrieve | A comma-separated list of fields to include in the response. |
| Filter Base Images For Vulnerabilities | Select to filter the base image for vulnerabilities. Note: Requires predefined base images that have already been scanned. |
| Host Name Scanned by Agentless Scanner | Select to retrieve host names that are scanned by agentless scanning. |
| Image Names | A comma-separated list of image names to filter by. |
| Image scanned by CSA | Select to retrieves only images scanned by CSA. |
| Normalized Severity | Select to retrieve the results in a normalized form of Low, Medium, High, Critical, based on vulnerability severity. |
| Registry Names | A comma-separated list of image registry names to filter by. |
| Repository Names | A comma-separated list of image repository names to filter by. |
| Specific Image Layers | Select if the CVEs are mapped to a specific image layer. |
| Trust Statuses | A comma-separated list of trust statuses to filter by. |
| Uai ID | Filter the results by uaiID. |
Example Output
Copy
Ask AI
[
{
"Secrets": [
"string"
],
"_id": "string",
"agentless": true,
"aisUUID": "string",
"allCompliance": {
"compliance": [
{
"applicableRules": [
"string"
],
"binaryPkgs": [
"string"
],
"block": true,
"cause": "string",
"cri": true,
"custom": true,
"cve": "string",
"cvss": 0,
"description": "string",
"discovered": "2024-07-29T15:51:28.071Z",
"exploit": [
"",
"exploit-db",
"exploit-windows",
"cisa-kev"
],
"exploits": [
{
"kind": [
"poc",
"in-the-wild"
],
"link": "string",
"source": [
"",
"exploit-db",
"exploit-windows",
"cisa-kev"
]
}
],
"fixDate": 0,
"fixLink": "string",
"functionLayer": "string",
"gracePeriodDays": 0,
"id": 0,
"isRPMModule": true,
"layerTime": 0,
"link": "string",
"packageName": "string",
"packageType": [
"nodejs",
"gem"
],
"packageVersion": "string",
"published": 0,
"riskFactors": {},
"rpmModule": "string",
"secret": {
"group": "string",
"locationInFile": "string",
"metadataModifiedTime": 0,
"modifiedTime": 0,
"originalFileLocation": "string",
"path": "string",
"permissions": "string",
"secretID": "string",
"size": 0,
"snippet": "string",
"type": [
"AWS Access Key ID",
"AWS Secret Key"
],
"user": "string"
},
"severity": "string",
"status": "string",
"templates": [
"PCI",
"HIPAA"
],
"text": "string",
"title": "string",
"twistlock": true,
"type": [
"container",
"image"
],
"vecStr": "string",
"vulnTagInfos": [
{
"color": "string",
"comment": "string",
"name": "string"
}
],
"wildfireMalware": {
"md5": "string",
"path": "string",
"verdict": "string"
}
}
],
"enabled": true
},
"appEmbedded": true,
"applications": [
{
"installedFromPackage": true,
"knownVulnerabilities": 0,
"layerTime": 0,
"md5": "string",
"name": "string",
"originPackageName": "string",
"path": "string",
"rpmModule": "string",
"service": true,
"version": "string"
}
],
"baseImage": "string",
"binaries": [
{
"altered": true,
"cveCount": 0,
"deps": [
"string"
],
"fileMode": 0,
"functionLayer": "string",
"md5": "string",
"missingPkg": true,
"name": "string",
"path": "string",
"pkgRootDir": "string",
"services": [
"string"
],
"version": "string"
}
],
"caasSpecReferencesLaunchTypes": [
"string"
],
"caasSpecReferencesServiceTypes": [
"aws-ecr",
"aws-lambda"
],
"caasSpecReferencesTotal": 0,
"cloudMetadata": {
"accountID": "string",
"awsExecutionEnv": "string",
"azure": {
"aci": {
"containerGroup": "string"
},
"resourceGroup": "string"
},
"gcp": {
"cloudRun": {
"revision": "string",
"service": "string"
}
},
"image": "string",
"labels": [
{
"key": "string",
"sourceName": "string",
"sourceType": [
"namespace",
"deployment"
],
"timestamp": "2024-07-29T15:51:28.071Z",
"value": "string"
}
],
"name": "string",
"ociTenantID": "string",
"provider": [
"aws",
"azure"
],
"region": "string",
"resourceID": "string",
"resourceURL": "string",
"type": "string",
"vmID": "string",
"vmImageID": "string"
},
"clusterType": [
"AKS",
"ECS"
],
"clusters": [
"string"
],
"collections": [
"string"
],
"complianceDistribution": {
"critical": 0,
"high": 0,
"low": 0,
"medium": 0,
"total": 0
},
"complianceIssues": [
{
"applicableRules": [
"string"
],
"binaryPkgs": [
"string"
],
"block": true,
"cause": "string",
"cri": true,
"custom": true,
"cve": "string",
"cvss": 0,
"description": "string",
"discovered": "2024-07-29T15:51:28.071Z",
"exploit": [
"",
"exploit-db",
"exploit-windows",
"cisa-kev"
],
"exploits": [
{
"kind": [
"poc",
"in-the-wild"
],
"link": "string",
"source": [
"",
"exploit-db",
"exploit-windows",
"cisa-kev"
]
}
],
"fixDate": 0,
"fixLink": "string",
"functionLayer": "string",
"gracePeriodDays": 0,
"id": 0,
"isRPMModule": true,
"layerTime": 0,
"link": "string",
"packageName": "string",
"packageType": [
"nodejs",
"gem"
],
"packageVersion": "string",
"published": 0,
"riskFactors": {},
"rpmModule": "string",
"secret": {
"group": "string",
"locationInFile": "string",
"metadataModifiedTime": 0,
"modifiedTime": 0,
"originalFileLocation": "string",
"path": "string",
"permissions": "string",
"secretID": "string",
"size": 0,
"snippet": "string",
"type": [
"AWS Access Key ID",
"AWS Secret Key"
],
"user": "string"
},
"severity": "string",
"status": "string",
"templates": [
"PCI",
"HIPAA"
],
"text": "string",
"title": "string",
"twistlock": true,
"type": [
"container",
"image"
],
"vecStr": "string",
"vulnTagInfos": [
{
"color": "string",
"comment": "string",
"name": "string"
}
],
"wildfireMalware": {
"md5": "string",
"path": "string",
"verdict": "string"
}
}
],
"complianceIssuesCount": 0,
"complianceRiskScore": 0,
"compressed": true,
"compressedLayerTimes": {
"appTimes": [
0
],
"pkgsTimes": [
{
"pkgTimes": [
0
],
"pkgsType": [
"nodejs",
"gem"
]
}
]
},
"creationTime": "2024-07-29T15:51:28.071Z",
"csa": true,
"csaWindows": true,
"distro": "string",
"ecsClusterName": "string",
"err": "string",
"errCode": 0,
"externalLabels": [
{
"key": "string",
"sourceName": "string",
"sourceType": [
"namespace",
"deployment"
],
"timestamp": "2024-07-29T15:51:28.071Z",
"value": "string"
}
],
"files": [
{
"md5": "string",
"original_file_location": "string",
"path": "string",
"sha1": "string",
"sha256": "string"
}
],
"firewallProtection": {
"enabled": true,
"outOfBandMode": [
"",
"Observation",
"Protection"
],
"ports": [
0
],
"supported": true,
"tlsPorts": [
0
],
"unprotectedProcesses": [
{
"port": 0,
"process": "string",
"tls": true
}
]
},
"firstScanTime": "2024-07-29T15:51:28.071Z",
"foundSecrets": [
{
"group": "string",
"locationInFile": "string",
"metadataModifiedTime": 0,
"modifiedTime": 0,
"originalFileLocation": "string",
"path": "string",
"permissions": "string",
"secretID": "string",
"size": 0,
"snippet": "string",
"type": [
"AWS Access Key ID",
"AWS Secret Key"
],
"user": "string"
}
],
"history": [
{
"baseLayer": true,
"created": 0,
"emptyLayer": true,
"id": "string",
"instruction": "string",
"sizeBytes": 0,
"tags": [
"string"
],
"vulnerabilities": [
{
"applicableRules": [
"string"
],
"binaryPkgs": [
"string"
],
"block": true,
"cause": "string",
"cri": true,
"custom": true,
"cve": "string",
"cvss": 0,
"description": "string",
"discovered": "2024-07-29T15:51:28.071Z",
"exploit": [
"",
"exploit-db",
"exploit-windows",
"cisa-kev"
],
"exploits": [
{
"kind": [
"poc",
"in-the-wild"
],
"link": "string",
"source": [
"",
"exploit-db",
"exploit-windows",
"cisa-kev"
]
}
],
"fixDate": 0,
"fixLink": "string",
"functionLayer": "string",
"gracePeriodDays": 0,
"id": 0,
"isRPMModule": true,
"layerTime": 0,
"link": "string",
"packageName": "string",
"packageType": [
"nodejs",
"gem"
],
"packageVersion": "string",
"published": 0,
"riskFactors": {},
"rpmModule": "string",
"secret": {
"group": "string",
"locationInFile": "string",
"metadataModifiedTime": 0,
"modifiedTime": 0,
"originalFileLocation": "string",
"path": "string",
"permissions": "string",
"secretID": "string",
"size": 0,
"snippet": "string",
"type": [
"AWS Access Key ID",
"AWS Secret Key"
],
"user": "string"
},
"severity": "string",
"status": "string",
"templates": [
"PCI",
"HIPAA"
],
"text": "string",
"title": "string",
"twistlock": true,
"type": [
"container",
"image"
],
"vecStr": "string",
"vulnTagInfos": [
{
"color": "string",
"comment": "string",
"name": "string"
}
],
"wildfireMalware": {
"md5": "string",
"path": "string",
"verdict": "string"
}
}
]
}
],
"hostDevices": [
{
"ip": "string",
"name": "string"
}
],
"hostRuntimeEnabled": true,
"hostname": "string",
"hosts": {},
"id": "string",
"image": {
"created": "2024-07-29T15:51:28.071Z",
"entrypoint": [
"string"
],
"env": [
"string"
],
"healthcheck": true,
"history": [
{
"baseLayer": true,
"created": 0,
"emptyLayer": true,
"id": "string",
"instruction": "string",
"sizeBytes": 0,
"tags": [
"string"
],
"vulnerabilities": [
{
"applicableRules": [
"string"
],
"binaryPkgs": [
"string"
],
"block": true,
"cause": "string",
"cri": true,
"custom": true,
"cve": "string",
"cvss": 0,
"description": "string",
"discovered": "2024-07-29T15:51:28.071Z",
"exploit": [
"",
"exploit-db",
"exploit-windows",
"cisa-kev"
],
"exploits": [
{
"kind": [
"poc",
"in-the-wild"
],
"link": "string",
"source": [
"",
"exploit-db",
"exploit-windows",
"cisa-kev"
]
}
],
"fixDate": 0,
"fixLink": "string",
"functionLayer": "string",
"gracePeriodDays": 0,
"id": 0,
"isRPMModule": true,
"layerTime": 0,
"link": "string",
"packageName": "string",
"packageType": [
"nodejs",
"gem"
],
"packageVersion": "string",
"published": 0,
"riskFactors": {},
"rpmModule": "string",
"secret": {
"group": "string",
"locationInFile": "string",
"metadataModifiedTime": 0,
"modifiedTime": 0,
"originalFileLocation": "string",
"path": "string",
"permissions": "string",
"secretID": "string",
"size": 0,
"snippet": "string",
"type": [
"AWS Access Key ID",
"AWS Secret Key"
],
"user": "string"
},
"severity": "string",
"status": "string",
"templates": [
"PCI",
"HIPAA"
],
"text": "string",
"title": "string",
"twistlock": true,
"type": [
"container",
"image"
],
"vecStr": "string",
"vulnTagInfos": [
{
"color": "string",
"comment": "string",
"name": "string"
}
],
"wildfireMalware": {
"md5": "string",
"path": "string",
"verdict": "string"
}
}
]
}
],
"id": "string",
"labels": {},
"layers": [
"string"
],
"os": "string",
"repoDigest": [
"string"
],
"repoTags": [
"string"
],
"user": "string",
"workingDir": "string"
},
"installedProducts": {
"agentless": true,
"apache": "string",
"awsCloud": true,
"clusterType": [
"AKS",
"ECS"
],
"crio": true,
"docker": "string"
},
"instances": [
{
"host": "string",
"image": "string",
"modified": "2024-07-29T15:51:28.071Z",
"registry": "string",
"repo": "string",
"tag": "string"
}
],
"isARM64": true,
"k8sClusterAddr": "string",
"labels": [
"string"
],
"layers": [
"string"
],
"malwareAnalyzedTime": "2024-07-29T15:51:28.071Z",
"missingDistroVulnCoverage": true,
"namespaces": [
"string"
],
"osDistro": "string",
"osDistroRelease": "string",
"osDistroVersion": "string",
"packageManager": true,
"packages": [
{
"pkgs": [
{
"author": "string",
"binaryIdx": [
0
],
"binaryPkgs": [
"string"
],
"cveCount": 0,
"defaultGem": true,
"files": [
{
"md5": "string",
"original_file_location": "string",
"path": "string",
"sha1": "string",
"sha256": "string"
}
],
"functionLayer": "string",
"goPkg": true,
"isRPMModule": true,
"jarIdentifier": "string",
"layerTime": 0,
"license": "string",
"md5": "string",
"name": "string",
"originPackageName": "string",
"osPackage": true,
"path": "string",
"purl": "string",
"rpmModule": "string",
"securityRepoPkg": true,
"symbols": [
"string"
],
"version": "string"
}
],
"pkgsType": [
"nodejs",
"gem"
]
}
],
"pullDuration": 0,
"pushTime": "2024-07-29T15:51:28.071Z",
"redHatNonRPMImage": true,
"registryNamespace": "string",
"registryTags": [
"string"
],
"registryType": "string",
"repoDigests": [
"string"
],
"repoTag": {
"digest": "string",
"id": "string",
"registry": "string",
"repo": "string",
"tag": "string"
},
"rhelRepos": [
"string"
],
"rhelReposRelativeURLs": [
"string"
],
"riskFactors": {},
"scanBuildDate": "string",
"scanDuration": 0,
"scanID": 0,
"scanTime": "2024-07-29T15:51:28.071Z",
"scanVersion": "string",
"secretScanMetrics": {
"failedScans": 0,
"foundSecrets": 0,
"scanTime": 0,
"scanTimeouts": 0,
"scannedFileSize": 0,
"scannedFiles": 0,
"totalBytes": 0,
"totalFiles": 0,
"totalTime": 0,
"typesCount": {}
},
"startupBinaries": [
{
"altered": true,
"cveCount": 0,
"deps": [
"string"
],
"fileMode": 0,
"functionLayer": "string",
"md5": "string",
"missingPkg": true,
"name": "string",
"path": "string",
"pkgRootDir": "string",
"services": [
"string"
],
"version": "string"
}
],
"stopped": true,
"tags": [
{
"digest": "string",
"id": "string",
"registry": "string",
"repo": "string",
"tag": "string"
}
],
"topLayer": "string",
"trustResult": {
"groups": [
{
"_id": "string",
"disabled": true,
"images": [
"string"
],
"layers": [
"string"
],
"modified": "2024-07-29T15:51:28.071Z",
"name": "string",
"notes": "string",
"owner": "string",
"previousName": "string"
}
],
"hostsStatuses": [
{
"host": "string",
"status": [
"trusted",
"untrusted"
]
}
]
},
"trustStatus": [
"trusted",
"untrusted"
],
"twistlockImage": true,
"type": [
"image",
"ciImage"
],
"underlyingDistro": "string",
"underlyingDistroRelease": "string",
"vulnerabilities": [
{
"applicableRules": [
"string"
],
"binaryPkgs": [
"string"
],
"block": true,
"cause": "string",
"cri": true,
"custom": true,
"cve": "string",
"cvss": 0,
"description": "string",
"discovered": "2024-07-29T15:51:28.071Z",
"exploit": [
"",
"exploit-db",
"exploit-windows",
"cisa-kev"
],
"exploits": [
{
"kind": [
"poc",
"in-the-wild"
],
"link": "string",
"source": [
"",
"exploit-db",
"exploit-windows",
"cisa-kev"
]
}
],
"fixDate": 0,
"fixLink": "string",
"functionLayer": "string",
"gracePeriodDays": 0,
"id": 0,
"isRPMModule": true,
"layerTime": 0,
"link": "string",
"packageName": "string",
"packageType": [
"nodejs",
"gem"
],
"packageVersion": "string",
"published": 0,
"riskFactors": {},
"rpmModule": "string",
"secret": {
"group": "string",
"locationInFile": "string",
"metadataModifiedTime": 0,
"modifiedTime": 0,
"originalFileLocation": "string",
"path": "string",
"permissions": "string",
"secretID": "string",
"size": 0,
"snippet": "string",
"type": [
"AWS Access Key ID",
"AWS Secret Key"
],
"user": "string"
},
"severity": "string",
"status": "string",
"templates": [
"PCI",
"HIPAA"
],
"text": "string",
"title": "string",
"twistlock": true,
"type": [
"container",
"image"
],
"vecStr": "string",
"vulnTagInfos": [
{
"color": "string",
"comment": "string",
"name": "string"
}
],
"wildfireMalware": {
"md5": "string",
"path": "string",
"verdict": "string"
}
}
],
"vulnerabilitiesCount": 0,
"vulnerabilityDistribution": {
"critical": 0,
"high": 0,
"low": 0,
"medium": 0,
"total": 0
},
"vulnerabilityRiskScore": 0,
"wildFireUsage": {
"bytes": 0,
"queries": 0,
"uploads": 0
}
}
]
Workflow Library Example
List Image Scan Results with Prisma Cloud Cwp and Send Results Via Email