pcs-alert-rpt-email 
Generates alert report via email - reporting on top risks in last 24 hrs, top high risks and all risks, then breakdown by account. Also top 5 policies by count.
#Prisma Cloud Alert report email
Version: 1.0 Author: Eddie Beuerlein
Summary
Script pulls tenant and account level details on new and high risk counts for alerts, as well as top 5 policies in violation (including count) and sends in email report.
Requirements and Dependencies
-
Python 3.7 or newer
-
OpenSSL 1.0.2 or newer
(if using on Mac OS, additional items may be nessessary.)
- Pip
sudo easy_install pip
- Requests (Python library)
sudo pip install requests
- YAML (Python library)
sudo pip install pyyaml
- Email (Python library)
sudo pip install email.mime
sudo pip install smtplib
Configuration
-
Navigate to config/configs.yml
-
Fill out your Prisma Cloud access key/secret, and stack info. To determine stack, look at your browser when access console (appX.prismacloud.io, where X is the stack number. Change this to apiX.prismacloud.io and populate it in the configs.yml.
-
Navigate to *lib/email_helper.py:
- Set from address: self.from_address = "XXXX@gmail.com"
- Set mail server: self.email_srv = "smtp.gmail.com"
- Set mail server port: self.email_srv_port = "587"
- Set mail login usernname: self.username = "XXXXXXX@gmail.com"
- Set mail login password: self.password = "XYZABC123"
Run
python runner.py