PrismaCloudAttribution

Supported versions

Supported Cortex XSOAR versions: 6.0.0 and later.

Recursively extracts specified fields from provided list of assets for Prisma Cloud attribution use case.

Script Data


NameDescription
Script Typepython3
Tags
Demisto Version6.0.0

Inputs


Argument NameDescription
assetsList of Prisma Cloud assets to return.
fieldsFields to be returned (comma separated).

Outputs


PathDescriptionType
PrismaCloud.Attribution.accountIdCloud Account IDUnknown
PrismaCloud.Attribution.accountNameCloud Account NameUnknown
PrismaCloud.Attribution.cloudTypeCloud TypeUnknown
PrismaCloud.Attribution.fqdnFQDNs associated to the resourceUnknown
PrismaCloud.Attribution.rrnResource RRNUnknown
PrismaCloud.Attribution.ipIPs associated to the resourceUnknown
PrismaCloud.Attribution.regionIdCloud Region IDUnknown
PrismaCloud.Attribution.hasAlertResource has Prisma Cloud AlertUnknown
PrismaCloud.Attribution.resourceNameResource NameUnknown
PrismaCloud.Attribution.resourceTypeResource TypeUnknown
PrismaCloud.Attribution.serviceCloud ServiceUnknown

Script Example

!PrismaCloudAttribution assets="${Redlock.Asset}"

Context Example

{
"PrismaCloud": {
"Attribution": [
{
"accountId": "123456",
"accountName": "aws-user-personal",
"cloudType": "aws",
"fqdn": [
"application-lb-123456.us-east-1.elb.amazonaws.com"
],
"hasAlert": false,
"id": "arn:aws:elasticloadbalancing:us-east-1:123456:loadbalancer/app/application-lb/1398164320221c02",
"ip": null,
"regionId": "us-east-1",
"resourceName": "application-lb",
"resourceType": "Managed Load Balancer",
"rrn": "rrn::managedLb:us-east-1:123456:b38d940663c047b02c2116be49695cf353976dff:arn%3Aaws%3Aelasticloadbalancing%3Aus-east-1%3A123456%3Aloadbalancer%2Fapp%2Fapplication-lb%2F1398164320221c02",
"service": "Amazon Elastic Load Balancing"
},
{
"accountId": "123456",
"accountName": "aws-user-personal",
"cloudType": "aws",
"fqdn": [
"ec2-35-180-1-1.eu-west-3.compute.amazonaws.com"
],
"hasAlert": false,
"id": "i-654321b",
"ip": [
"35.180.1.1"
],
"regionId": "eu-west-3",
"resourceName": "testvm",
"resourceType": "Instance",
"rrn": "rrn::instance:eu-west-3:123456:9db2db5fdba47606863c8da86d3ae594fb5aee2b:i-654321b",
"service": "Amazon EC2"
}
]
}
}

Human Readable Output

Results

accountIdaccountNamecloudTypefqdnhasAlertidipregionIdresourceNameresourceTyperrnservice
12345aws-user-personalawsapplication-lb-624166765.us-east-1.elb.amazonaws.comfalsearn:aws:elasticloadbalancing:us-east-1:12345:loadbalancer/app/application-lb/1398164320221c02us-east-1application-lbManaged Load Balancerrrn::managedLb:us-east-1:12345:b38d940663c047b02c2116be49695cf353976dff:arn%3Aaws%3Aelasticloadbalancing%3Aus-east-1%3A12345%3Aloadbalancer%2Fapp%2Fapplication-lb%2F1398164320221c02Amazon Elastic Load Balancing
12345aws-user-personalawsec2-35-180-1-1.eu-west-3.compute.amazonaws.comfalsei-65432135.180.1.1eu-west-3testvmInstancerrn::instance:eu-west-3:12345:9db2db5fdba47606863c8da86d3ae594fb5aee2b:i-654321Amazon EC2