Learn about the detailed information contained in the Prisma™ Cloud alert payload.
A Prisma™ Cloud alert payload is a JSON data object that contains detailed information about an alert, such as the cloud account, resource, compliance standard, and policy.
Alert Payload Field
The ID of the cloud account where the violation that triggered the alert occurred.
Name of the cloud account where Prisma Cloud detected the policy violation.
Identification number of the alert.
Alert Rule Name
Name of the alert rule that triggered this alert.
The URL for the alert in Prisma Cloud.
Type of cloud account: AWS, Azure, or GCP.
Description of the policy as shown within Prisma Cloud.
Universally unique identification (UUID) number of the policy.
Labels associated with the policy.
Name of the policy.
Remediation recommendations for the policy.
Saved Search UUID
Universally unique identification (UUID) number of the saved search.
The CLI commands that you can use to resolve the policy violation.
Compliance Standard name
Name of the compliance standard.
Compliance Standard description
Description of the compliance standard.
Identification number of the requirement in the compliance standard.
Name of the requirement in the compliance standard.
Identification number of the section in the compliance standard.
Description of the section in the compliance standard.
ID number of the compliance standard.
Indicates whether the compliance standard is Prisma Cloud System Default.
Indicates if the compliance standard is assigned to a policy.
Resource Cloud Service
Cloud service provider of the resource that triggered the alert.
The JSON data of the resource.
ID of the resource that triggered the alert.
Name of the resource that triggered the alert.
Name of the cloud region to which the resource belongs.
Resource Region ID
ID of the region to which the cloud resource belongs.
Type of resource that triggered the alert (for example, EC2 instance or S3 bucket).
Severity of the alert: High, Medium, or Low.
User Attribution data
Data about the user who created or modified the resource and caused the alert.
For alert notifications to include user attribution data, you must
Populate User Attribution In Alerts Notifications(
). Including user attribution data may delay alert notifications because the information may not be available from the cloud provider when Prisma Cloud is ready to generate the alert.
Recommended For You
Recommended videos not found.