Skip to main content
Retrieve all scan reports for the serverless functions which Prisma Cloud was configured to scan.
External DocumentationTo learn more, visit the Prisma Cloud CWP documentation.

Basic Parameters

ParameterDescription
Cloud Controller AddressesA comma-separated list of cloud controller addresses that host the serverless function to filter by.
Cloud Function IDsA comma-separated list of cloud function IDs to filter by.
LimitThe maximum number of items to return from a collection.
OffsetThe offset of the first item to return from a collection.
ReverseSelect to sort the results in reverse order.
Sort BySort the results using a key.

Advanced Parameters

ParameterDescription
AWS Lambda LayersA comma-separated list of AWS lambda function layers to filter by.
Cloud Function VersionsA comma-separated list of cloud function versions to filter by.
Cloud OSs and ArchitecturesA comma-separated list of OSs and architectures to filter by.
Cloud RuntimesA comma-separated list of cloud runtimes to filter by.
Compliance IDsA comma-separated list of compliance IDs to filter by.
Compliance Rule NameThe compliance rule name to filter by.
Normalized SeveritySelect to retrieve the results in a normalized form of Low, Medium, High, Critical, based on vulnerability severity.
Protected by DefenderSelect to filter the results based on whether the cloud function is protected by a Defender.

Example Output

[
	{
		"Secrets": [
			"string"
		],
		"_id": "string",
		"accountID": "string",
		"allCompliance": {
			"compliance": [
				{
					"applicableRules": [
						"string",
						"rule2"
					],
					"binaryPkgs": [
						"string",
						"pkg2"
					],
					"block": true,
					"cause": "string",
					"cri": true,
					"custom": true,
					"cve": "string",
					"cvss": 0,
					"description": "string",
					"discovered": "2024-07-29T15:51:28.071Z",
					"exploit": [
						"",
						"exploit-db"
					],
					"exploits": [
						{
							"kind": [
								"poc",
								"in-the-wild"
							],
							"link": "string",
							"source": [
								"",
								"exploit-db"
							]
						}
					],
					"fixDate": 0,
					"fixLink": "string",
					"functionLayer": "string",
					"gracePeriodDays": 0,
					"id": 0,
					"isRPMModule": true,
					"layerTime": 0,
					"link": "string",
					"packageName": "string",
					"packageType": [
						"nodejs",
						"gem"
					],
					"packageVersion": "string",
					"published": 0,
					"riskFactors": {},
					"rpmModule": "string",
					"secret": {
						"group": "string",
						"locationInFile": "string",
						"metadataModifiedTime": 0,
						"modifiedTime": 0,
						"originalFileLocation": "string",
						"path": "string",
						"permissions": "string",
						"secretID": "string",
						"size": 0,
						"snippet": "string",
						"type": [
							"AWS Access Key ID",
							"AWS Secret Key"
						],
						"user": "string"
					},
					"severity": "string",
					"status": "string",
					"templates": [
						"PCI",
						"HIPAA",
						"NIST SP 800-190"
					],
					"text": "string",
					"title": "string",
					"twistlock": true,
					"type": [
						"container",
						"image"
					],
					"vecStr": "string",
					"vulnTagInfos": [
						{
							"color": "string",
							"comment": "string",
							"name": "string"
						}
					],
					"wildfireMalware": {
						"md5": "string",
						"path": "string",
						"verdict": "string"
					}
				}
			],
			"enabled": true
		},
		"applicationName": "string",
		"applications": [
			{
				"installedFromPackage": true,
				"knownVulnerabilities": 0,
				"layerTime": 0,
				"md5": "string",
				"name": "string",
				"originPackageName": "string",
				"path": "string",
				"rpmModule": "string",
				"service": true,
				"version": "string"
			}
		],
		"architecture": "string",
		"baseImage": "string",
		"binaries": [
			{
				"altered": true,
				"cveCount": 0,
				"deps": [
					"string",
					"dep2"
				],
				"fileMode": 0,
				"functionLayer": "string",
				"md5": "string",
				"missingPkg": true,
				"name": "string",
				"path": "string",
				"pkgRootDir": "string",
				"services": [
					"svc1",
					"svc2"
				],
				"version": "string"
			}
		],
		"cloudControllerAddress": "string",
		"cloudMetadata": {
			"accountID": "string",
			"awsExecutionEnv": "string",
			"azure": {
				"aci": {
					"containerGroup": "string"
				},
				"resourceGroup": "string"
			},
			"gcp": {
				"cloudRun": {
					"revision": "string",
					"service": "string"
				}
			},
			"image": "string",
			"labels": [
				{
					"key": "string",
					"sourceName": "string",
					"sourceType": [
						"namespace",
						"deployment"
					],
					"timestamp": "2024-07-29T15:51:28.071Z",
					"value": "string"
				}
			],
			"name": "string",
			"ociTenantID": "string",
			"provider": [
				"aws",
				"azure",
				"gcp"
			],
			"region": "string",
			"resourceID": "string",
			"resourceURL": "string",
			"type": "string",
			"vmID": "string",
			"vmImageID": "string"
		},
		"clusterType": [
			"AKS",
			"ECS"
		],
		"clusters": [
			"string"
		],
		"collections": [
			"string"
		],
		"complianceDistribution": {
			"critical": 0,
			"high": 0,
			"low": 0,
			"medium": 0,
			"total": 0
		},
		"complianceIssues": [
			{
				"applicableRules": [
					"rule1",
					"rule2"
				],
				"binaryPkgs": [
					"pkg1",
					"pkg2"
				],
				"block": true,
				"cve": "string",
				"cvss": 0,
				"description": "string",
				"discovered": "2024-07-29T15:51:28.071Z",
				"exploit": [
					"",
					"exploit-db"
				],
				"exploits": [
					{
						"kind": [
							"poc",
							"in-the-wild"
						],
						"link": "string",
						"source": [
							"exploit-db",
							"exploit-windows"
						]
					}
				],
				"fixLink": "string",
				"gracePeriodDays": 0,
				"packageName": "string",
				"packageType": [
					"nodejs",
					"gem"
				],
				"severity": "string",
				"templates": [
					"PCI",
					"HIPAA",
					"GDPR"
				],
				"type": [
					"container",
					"image"
				],
				"vulnTagInfos": [
					{
						"color": "string",
						"comment": "string",
						"name": "string"
					}
				]
			}
		],
		"complianceIssuesCount": 0,
		"complianceRiskScore": 0,
		"creationTime": "2024-07-29T15:51:28.071Z",
		"defended": true,
		"description": "string",
		"envvars": [
			"string",
			"VAR2"
		],
		"files": [
			{
				"md5": "string",
				"original_file_location": "string",
				"path": "string",
				"sha1": "string",
				"sha256": "string"
			}
		],
		"foundSecrets": [
			{
				"group": "string",
				"path": "string",
				"type": [
					"AWS Access Key ID",
					"AWS Secret Key"
				]
			}
		],
		"functionLayers": [
			{
				"id": "string",
				"name": "string",
				"version": "string"
			}
		],
		"functionTags": [
			{
				"key": "string",
				"sourceType": [
					"namespace",
					"deployment"
				],
				"value": "string"
			}
		],
		"history": [
			{
				"baseLayer": true,
				"created": 0,
				"id": "string",
				"instruction": "string",
				"tags": [
					"string",
					"tag2"
				],
				"vulnerabilities": [
					{
						"cve": "string",
						"cvss": 0,
						"exploit": [
							"",
							"exploit-db"
						],
						"packageType": [
							"nodejs",
							"gem"
						],
						"severity": "string"
					}
				]
			}
		],
		"hostDevices": [
			{
				"ip": "string",
				"name": "string"
			}
		],
		"hostname": "string",
		"id": "string",
		"image": {
			"created": "2024-07-29T15:51:28.071Z",
			"entrypoint": [
				"string"
			],
			"env": [
				"string"
			],
			"history": [
				{
					"baseLayer": true,
					"created": 0,
					"instruction": "string",
					"tags": [
						"tag1",
						"tag2"
					],
					"vulnerabilities": [
						{
							"cve": "string",
							"cvss": 0,
							"exploit": [
								"",
								"exploit-db"
							],
							"packageType": [
								"nodejs",
								"gem"
							],
							"severity": "string"
						}
					]
				}
			],
			"id": "string",
			"layers": [
				"string",
				"layer2"
			],
			"os": "string",
			"repoTags": [
				"string",
				"repo2"
			],
			"user": "string"
		},
		"installedProducts": {
			"agentless": true,
			"awsCloud": true,
			"clusterType": [
				"AKS",
				"ECS"
			],
			"docker": "string",
			"kubernetes": "string",
			"serverless": true
		},
		"isARM64": true,
		"labels": [
			"string",
			"label2"
		],
		"lastModified": "2024-07-29T15:51:28.071Z",
		"layers": [
			"string",
			"layer2"
		],
		"memory": 0,
		"namespaces": [
			"string",
			"ns2"
		],
		"osDistro": "string",
		"packages": [
			{
				"pkgs": [
					{
						"author": "string",
						"binaryPkgs": [
							"string",
							"pkg2"
						],
						"files": [
							{
								"md5": "string",
								"path": "string",
								"sha1": "string"
							},
							{
								"md5": "abc",
								"path": "xyz",
								"sha1": "def"
							}
						],
						"name": "string",
						"version": "string"
					}
				],
				"pkgsType": [
					"nodejs",
					"gem"
				]
			}
		],
		"platform": "string",
		"provider": [
			"aws",
			"azure"
		],
		"pushTime": "2024-07-29T15:51:28.071Z",
		"region": "string",
		"registryNamespace": "string",
		"registryTags": [
			"string",
			"tag2"
		],
		"repoDigests": [
			"string",
			"digest2"
		],
		"repoTag": {
			"digest": "string",
			"id": "string",
			"registry": "string",
			"repo": "string",
			"tag": "string"
		},
		"role": "string",
		"runtime": "string",
		"scanTime": "2024-07-29T15:51:28.071Z",
		"secretScanMetrics": {
			"failedScans": 0,
			"foundSecrets": 0,
			"scannedFiles": 0,
			"totalFiles": 0
		},
		"startupBinaries": [
			{
				"altered": true,
				"deps": [
					"string",
					"dep2"
				],
				"name": "string",
				"path": "string"
			}
		],
		"tags": [
			{
				"id": "string",
				"repo": "string",
				"tag": "string"
			},
			{
				"id": "str2",
				"repo": "repo2",
				"tag": "tag2"
			}
		],
		"timeout": 0,
		"type": [
			"image",
			"ciImage"
		],
		"vulnerabilities": [
			{
				"applicableRules": [
					"rule1",
					"rule2"
				],
				"binaryPkgs": [
					"pkg1",
					"pkg2"
				],
				"cve": "string",
				"cvss": 0,
				"description": "string",
				"exploit": [
					"",
					"exploit-db"
				],
				"packageType": [
					"nodejs",
					"gem"
				],
				"severity": "string",
				"templates": [
					"PCI",
					"HIPAA"
				],
				"type": [
					"container",
					"image"
				]
			}
		],
		"vulnerabilitiesCount": 0,
		"vulnerabilityDistribution": {
			"critical": 0,
			"high": 0,
			"low": 0,
			"medium": 0,
			"total": 0
		}
	}
]

Workflow Library Example

List Serverless Function Scan Results with Prisma Cloud Cwp and Send Results Via Email
Workflow LibraryPreview this Workflow on desktop