Palo Alto Networks · JSON Structure

Prisma Cloud Cspm Api Alert Structure

Alert schema from Palo Alto Networks Prisma Cloud CSPM API

Type: object Properties: 9
Cloud SecurityCybersecurityFirewallNetwork SecuritySASESOARThreat IntelligenceXDR

Alert is a JSON Structure definition published by Palo Alto Networks, describing 9 properties. It conforms to the https://json-structure.org/meta/core/v0/# meta-schema.

Properties

id status reason firstSeen lastSeen alertTime policy resource riskDetail

Meta-schema: https://json-structure.org/meta/core/v0/#

JSON Structure

Raw ↑ 
{
  "$schema": "https://json-structure.org/meta/core/v0/#",
  "$id": "https://raw.githubusercontent.com/api-evangelist/palo-alto-networks/refs/heads/main/json-structure/prisma-cloud-cspm-api-alert-structure.json",
  "name": "Alert",
  "description": "Alert schema from Palo Alto Networks Prisma Cloud CSPM API",
  "type": "object",
  "properties": {
    "id": {
      "type": "string",
      "description": "Unique alert identifier."
    },
    "status": {
      "type": "string",
      "description": "Current alert status.",
      "enum": [
        "open",
        "dismissed",
        "snoozed",
        "resolved"
      ]
    },
    "reason": {
      "type": "string",
      "description": "Reason for the current alert status."
    },
    "firstSeen": {
      "type": "int32",
      "description": "Epoch timestamp in milliseconds when the alert was first generated."
    },
    "lastSeen": {
      "type": "int32",
      "description": "Epoch timestamp in milliseconds when the alert was last seen."
    },
    "alertTime": {
      "type": "int32",
      "description": "Epoch timestamp in milliseconds of the alert."
    },
    "policy": {
      "type": "object",
      "description": "Policy that generated this alert.",
      "properties": {
        "policyId": {
          "type": "string"
        },
        "policyType": {
          "type": "string"
        },
        "name": {
          "type": "string"
        },
        "severity": {
          "type": "string",
          "enum": [
            "critical",
            "high",
            "medium",
            "low",
            "informational"
          ]
        },
        "recommendation": {
          "type": "string"
        }
      }
    },
    "resource": {
      "type": "object",
      "description": "Cloud resource associated with the alert.",
      "properties": {
        "rrn": {
          "type": "string",
          "description": "Prisma Cloud Resource RRN."
        },
        "id": {
          "type": "string"
        },
        "name": {
          "type": "string"
        },
        "cloudType": {
          "type": "string"
        },
        "accountId": {
          "type": "string"
        },
        "accountName": {
          "type": "string"
        },
        "regionId": {
          "type": "string"
        },
        "resourceType": {
          "type": "string"
        }
      }
    },
    "riskDetail": {
      "type": "object",
      "properties": {
        "score": {
          "type": "int32"
        },
        "rating": {
          "type": "string"
        }
      }
    }
  }
}