- 18 Mar 2025
- 2 Minutes to read
- Print
- DarkLight
Palo Alto Prisma Cloud
- Updated on 18 Mar 2025
- 2 Minutes to read
- Print
- DarkLight
Palo Alto Prisma Cloud cloud security platform safeguards data and applications across various cloud environments. It offers threat detection, vulnerability management in a unified solution. More information can be found at Prisma Cloud website.
Integration Method: API
Tables: Compliance Finding Class (2003)
This integration supports the following events.
Event | Description |
---|---|
Alerts | Get list of alerts |
This integration supports the following versions.
Prisma Cloud Version Tested | v25.1.1 |
Prisma Cloud API version | v32.0 |
Prerequisites
The user should have access to the Prisma Cloud for creating Secret Access key and Key Id.
The user should have access to the DataBee console.
Configuration Overview
Generate the Secret Access key and Key Id on the Prisma Cloud.
Add the Prisma Cloud data feed integration in the DataBee console with the required Secret Access key and Key Id.
DataBee Parameter
Prisma Cloud Parameter
Secret Key
Secret Access Key
Key Id
Access Key Id
Prisma Cloud Configuration
Start by creating an API Token for the integration.
Login to Prisma Cloud account with your account credentials. In the web link you can find the tenant’s instance.
In Palo Alto Prisma Cloud Platform, navigate to Settings > Access Control.
3. Select Access Keys and then click on Add Button on the upper right corner.
4. Add the Name of that access key and click on Save.
5. Copy the Access Key ID and Secret Access Key. You will not be able to view the API Key again after you complete this step. Ensure that you copy it before closing the notification.
Note:
You will not be able to view the API Key again after you complete this step. Ensure that you copy it before closing the notification.
DataBee Configuration
Login to the DataBee UI, navigate to Data > Data Feeds and click the Add New Data Feed button.
Search for the Palo Alto Prisma Cloud and click it as shown below.
Click on the API Ingest option for collection method.
Enter feed contact information and click Next.
In the configuration page, confirm the following:
API Base URL: this is the base URL that DataBee will interact with. Replace the placeholder <instance> with instance information.
Authorization Method: Token URL Auth
Token URL: replace the placeholder <instance> with instance information.
Secret Key: paste the Secret Access Key value generated earlier.
Key Id: paste the Access Key Id value generated earlier.
Event types: preselected for all the event types that integration pulls.
6. Click Submit.
Troubleshooting Tips
Ensure the Secret Key and Key Id are pasted correctly. Since you cannot view the keys after the 1st time, re-create the token, paste it on a text editor to ensure no spaces or unexpected characters are included and reconfigure the DataBee feed.
Ensure the placeholder <instance> is replaced with instance information in API Base URL and Token URL.