1. Home
    2. Prisma
    3. Prisma Cloud
    4. Prisma™ Cloud Administrator's Guide
    5. Manage Prisma Cloud Alerts
    6. Create an Alert Rule for Build-Time Checks

    Create an Alert Rule for Build-Time Checks

    Use alert rules to define which policies to use for continuous monitoring of your build pipelines or detecting issues in code earlier in your software release lifecycle.
    Alert rules for build-time checks enable you to detect issues early in your production process. When you implement security practices and automated checks at the very beginning of the production cycle, you can reduce risk and compliance violations later in the asset or code management lifecycle.
    When you create a
    build
     alert rule, you select the configuration policies to which the rule applies and the corresponding set of tags for which you want to detect issues. When you set up the Prisma Cloud plugins, and specify the same tags in the config.yml file, the alert rule is matched with the tags to determine which policies you want to scan against and detect violations.
    Alert rules for build-time checks do not generate alerts on Prisma Cloud. You can view the scan results and trends for the IaC templates used in your processes and set up guardrails earlier in your business operations.
    1. Select
      Alerts
      Alert Rules
       and
      +Add New
       alert.
    2. Select
      Build
      .
      alerts-alert-rules-add-new-build.png
    3. Enter an
      Alert Rule Name
       and, optionally, a
      Description
       to communicate the purpose of the rule and then click
      Next
      .
    4. Select the
      Resource List
       to which you want this alert rule to apply and then click
      Next
      .
      The tags (key: value pairs) that you have defined within the resource list display.The policies that you select in this alert rule are used to scan IaC templates that match the tags listed in the attached resource list. To set one up, see Add a Resource List on Prisma Cloud.
      resource-list.png
      • When the IaC templates match the tags attached with the rule, the templates are scanned against the policies you select in the next step. Otherwise, the templates are scanned against all Prisma Cloud Configuration Policies of Subtype Build to detect any security issues. The scan used the failure criteria you defined when setting up the respective Prisma Cloud plugin, app, or extension to determine the scan result.
      • If you add multiple resource lists to an alert rule, each IaC template must match on all the tags includes in the resource lists.
        If you have multiple alert rules that match on the tags in an IaC template, the templates are scanned against all policies included in the rules.
    5. Select the policies you want this alert rule to scan.
      Either
      Select All Policies
       or select the specific policies that you want to scan.To help you find the specific group of policies for which you want this rule to alert
      • Filter Results
        —Enter a search term to filter the list of policies to those with specific keywords.
      • Column Picker
        —Select ( column-picker.png ) to modify which columns to display.
      • Sort
        —Click the corresponding
        Sort
         icon ( sort-column.png ) to sort on a specific column.
      alerts-alert-rules-add-new-build-select-policies.png
    6. Save
       the alert rule.
    7. To view the scan results for policy violations on IaC templates that are scanned against these rules, select
      Inventory
      DevOps
      .

    Recommended For You

    Recommended Videos

    Recommended videos not found.

    © 2021 Palo Alto Networks, Inc. All rights reserved.

    Techdocs Logo