Specific Cloud Assets

Cortex XDR enables you to view specific cloud assets from a designated cloud assets category in the Specific Cloud Asset pages.
Ingesting and Viewing Cloud Inventory Assets requires a
XDR
Pro per TB license.
The
Specific Cloud Assets
pages enable you to view specific cloud assets from a designated cloud assets category from all the assets you configured to collect from Google Cloud Platform, Microsoft Azure, and Amazon Web Services using the Cloud Inventory data collector. These asset cloud categories are based on a combination of asset types and subtypes. Each specific table contains the common columns that are listed in the All Cloud Assets table and some additional specific columns that are relevant for this type of cloud asset.
To view the
Specific Cloud Assets
pages, select
Assets
Cloud Inventory
Specific Cloud Assets
, and select a specific cloud asset category.
By default, the
Specific Cloud Assets
pages displays the cloud assets according to the most recent time that the data was updated. To search for specific assets, use the filters above the results table to narrow the results. You can export the tables and respective asset views to a tab-separated values (TSV) file. From the
Specific Cloud Assets
page, you can also manage the assets output using the right-click pivot menu. For more information, see Manage Your Cloud Inventory Assets.
When any row in the table is selected, a side panel on the right with greater details is displayed, where you can view additional data divided by sections, such as
Asset Metadata
and
Asset Editors
. The
Asset Editors
section also provides a link to open a predefined query in XQL Search on the
cloud_audit_log
dataset to view the edit operations by the identity selected for this asset in the last 7 days.
The image below is an example of a
Specific Cloud Assets
page for
Compute Instances
.
The table below describes for the different
Specific Cloud Assets
pages the following.
  • Specific Cloud Assets
    —The name of the specific cloud asset page.
  • Asset Type
    —The asset type that is automatically associated to this specific cloud asset page.
  • Asset Subtype
    —The asset subtype that is automatically associated to this specific cloud asset page.
  • Unique Fields
    —The unique fields that are only available when viewing this specific cloud asset page, and are displayed in addition to the common fields listed for All Cloud Assets page. These fields are exposed by default.
Specific Cloud Assets
Asset Type
Asset Subtype
Unique Fields
Compute Instances
Compute
Instance
  • MACHINE TYPE
    —Displays the type of machine.
  • LAST START TIME
    —Displays the last time the machine started.
Disks
Compute
Disk
  • DISK SIZE
    —Displays the disk size as an integer in GB.
  • DISK IS ENCRYPTED
    —Displays a boolean value as either
    Yes
    or
    No
    to indicate whether the disk is encrypted.
Storage Buckets
Storage
Bucket
  • BUCKET ACCESS
    —Displays the bucket access options as one of the following.
    • Public
    • Private
    • Fine Grained
    • Unknown
  • BUCKET LOCATION
    —Displays the bucket location as either
    Regional
    or
    Multi Regional
    .
Virtual Private Clouds (VPCs)
Compute
VPC
DEFAULT VPC
—Displays a boolean value as either
Yes
or
No
to indicate whether this asset is the default VPC.
Subnets
Compute
Subnet
No specific unique fields displayed in addition to the common fields.
Security Groups (FW Rules)
Compute
Security Group
No specific unique fields displayed in addition to the common fields.
Images
Compute
Image
No specific unique fields displayed in addition to the common fields.
Network Interfaces
Compute
Network Interfaces
No specific unique fields displayed in addition to the common fields.
Cloud Functions
Cloud Function
Cloud Function
No specific unique fields displayed in addition to the common fields.

Recommended For You