About the Device
Prism Cloud is an API-based cloud service that connects to your cloud environments in just minutes and aggregates volumes of raw configuration data, user activity information, and network traffic to analyze and produce concise and actionable insights.
It is a cloud infrastructure security solution and a Security Operations Center (SOC) enablement tool that enables you to address risks and secure your workloads in a heterogeneous environment (hybrid and multi-cloud) from a single console. It provides complete visibility and control over risks within your public cloud infrastructure and enables you to manage vulnerabilities, detect anomalies, ensure compliance, and provide runtime defense in heterogeneous environments, such as Windows, Linux, Kubernetes, Red Hat OpenShift, AWS Lambda, Azure Functions, and GCP Cloud Functions.
Device Information
Entity | Particulars |
---|---|
Vendor Name | Palo Alto Networks |
Product Name | Prisma Cloud |
Type of Device | Cloud |
Collection Method
Log Type | Ingestion label | Preferred Logging Protocol - Format | Log collection method | Data Source |
---|---|---|---|---|
Palo Alto Prisma Cloud | PAN_PRISMA_CLOUD | Prop Vendor API - JSON | C2C | https://cloud.google.com/chronicle/docs/reference/feed-management-api#pan-prisma-cloud |
Port Requirements
Source | Destination | Port |
---|---|---|
Palo Alto Networks Prisma Cloud | CyberHub | 601 (TCP) |
Device Configuration
Log in to Palo Alto Prisma Cloud Console using admin credentials and click Settings.
Click Access Keys.
Click + Add New and provide a name and click Create. Key expiry is optional (if a new key is chosen, it will need to be replaced when it expires, which could affect log collection).
Copy the Key Id and Secret Key displayed (this will be required for the feed configuration)
Integration Parameters
Parameters required from customer for Integration.
Property | Default Value | Description |
---|---|---|
USERNAME | Custom Value | The Prisma Cloud username (Client ID) |
PASSWORD | Custom Value | The Prisma Cloud password (Secret) |
API HOSTNAME | Custom Value | The Palo Alto Prisma Cloud API hostname |