Prisma Cloud Asset Inventory
Use the Asset Inventory dashboard to see up-to-date information on all cloud resources that you are using Prisma Cloud to monitor and secure.
A new Asset Inventory is now available for Prisma Cloud tenants onboarded after October 15, 2022. On the Asset Inventory (on the ), the Asset Trend visualization now displays 90-day trend information at all times. The Asset Detail View replaces the Resource Explorer experience when traversing asset links throughout Prisma Cloud. The Asset History provides a historical view into the assets within the inventory.
Each row displays the service name with details on the cloud type, assets with alerts, assets with vulnerabilities, and the percentage of resources that pass policy checks to which you want to adhere. The links in each column help you explore and gain the additional context you may need to take action. The
Data as of:
value indicates the freshness of the snapshot of the data.
The
Assets with Alerts
column displays the total number of assets by alert severity for a specified group of assets and the Assets with Vulnerabilities
column displays the total number of assets by vulnerability severity for a specified group of assets. You can filter to view the inventory based on Date, Cloud Type, Azure Resource Group, Compliance Requirement, Compliance Standard, Resource Type, Compliance Section, Account Group, Cloud Account, Cloud Region, Alert Severity, and Vulnerability Severity.You can set the
Date
filter to Most Recent
to view the most recent state of the inventory or choose Custom
for any date within the last 90 days.- Asset Explorer: You can view the Asset Explorer by selecting a filterable subset of assets from the Asset Inventory. You can then select an asset from the Explorer view to access the Asset Detail view. Vulnerability Severity displays assets with known software vulnerabilities of a specific severity while Alert Severity displays assets with open alerts of a specific severity. You can use the Column Picker to show or hide columns.
- Asset Detail View: The Asset Detail View replaces the Resource Explorer. This view allows you to deep dive into asset details without losing its place within Prisma Cloud.
- Overview: Is the default tab and includes primary asset attributes. The "You are viewing the most recent data about this asset" text indicates that this is the most recent data for the asset regardless of the data roll-up time and it may be more up to date than the latest snapshot.
- Audit Trail: Includes discovery, configuration changes, and alert and vulnerability events.
- Alerts: Displays open alerts for the asset.
- Findings: Displays all findings, including vulnerabilities for the asset.
- Permissions: Displays effective permissions for assets.
- Relationships: Displays tabular representation of related assets.
- Objects: Displays data objects within applicable assets.
The
Asset Detail View
displays "You are viewing data about a deleted asset" to indicate that you are viewing an asset which has been deleted from your cloud environment.
You can access the Resource Explorer from the Asset links on the Investigate and Data Security pages.
- Asset Detail View: With Unified Asset Inventory you can quickly identify software vulnerabilities affecting your assets in the inventory.
- On Asset Inventory, review the number of assets with each severity vulnerability for each grouping.
- On Asset Explorer, review the number of vulnerabilities of each severity for each asset.
- On the Asset Detail View, review the Findings for each asset including vulnerabilities.
Legacy Asset Inventory
If you are on the legacy Asset Inventory, use this section for information on the Asset Inventory.
provides a snapshot of the current state of all cloud resources or assets that you are monitoring and securing using Prisma Cloud. From the dashboard, you gain operational insight over all our cloud infrastructure, including assets and services such as Compute Engine instances, Virtual machines, Cloud Storage buckets, Accounts, Subnets, Gateways, and Load Balancers. The interactive dashboard provides filters to change the scope of data displayed, so that you can analyze information you want to view in greater detail.
Assets are displayed by default for all account groups, which the service monitors, for the most recent time range (last full hour). Resources that belong to cloud accounts which are disabled on Prisma Cloud, are not included in the Asset Inventory.
For assets that have been deleted in cloud accounts onboarded to Prisma Cloud, you can view and investigate data for up to 90 days after asset deletion. After the 90-day period, the assets are archived and you can use the Prisma Cloud API to export information on the deleted asset and analyze it using other tools. The time period that an archived asset information will be available for retrieval is 9 months. However, to facilitate the initial retrieval of archived assets, the asset lifecycle is not currently enforced.
With the release of the new Asset Inventory, multiple group-bys are no longer supported in the legacy Asset Inventory. However, you can still use the multiple group-by capability by using the APIs.
At a glance the Asset Inventory dashboard has four sections:
- Resource Summary—Shows the count of theTotal Unique Resourcesmonitored by Prisma Cloud. Click the link to view all the assets on the Asset Explorer.
For all these assets, you can toggle to view the following details as numeric value or a percentage:- Pass—Displays the resources without any open alerts. Click the link for the passed resources and you will be redirected to theAsset Explorerthat is filtered to display all the resources that haveScan Statusset toPass.
- Low/Medium/High—Displays the resources that have generated low, medium, or high severity alerts. On the asset inventory, when a resource triggers multiple alerts, the asset severity assigned to it matches the highest risk to which it is exposed. When you click the link, you will be redirected to the Asset Explorer that is filtered to display all the resources that match the correspondingAsset Severitylevel.TheView Alertslink enables you to view a list of all resources that have open alerts sorted by severity. Click each link to view the Alerts Overview sorted for low, medium or high severity alerts. You can review the policies that triggered the alerts along with a count of the total number of alerts for each policy.
- Fail—Displays the total number of resources that have generated at least one open alert when the hourly snapshot was generated. Click the link and you will be redirected to the Asset Explorer that is filtered to display all resources that haveScan Statusset toFailed.
- Asset Trend—Trend line to help you monitor the overall health of your cloud resources starting when you added the first cloud account on Prisma Cloud through the time when the hourly snapshot was generated. The green, blue and red trend lines are overlaid to visually display the pass and failed resources against the total resource count. The trends depict the overall security posture of your resources and how they are performing over time so you can identify sudden surges with failed policy checks or sustained improvements with passing policy checks.
- Asset Classification—Bar graph for each cloud type (default), region name, account name, or service name that depicts the ratio of passed to failed resources for policy checks.
- Tabular data— The table enables you to group the results by account name, cloud region, or service name (default) and then drill down to view granular information on the resource types within your cloud accounts. All global resources for each cloud are grouped under AWS Global, Alibaba Cloud Global, Azure Global, and GCP Global.Each row displays the service name with details on the cloud type (which you can filter on), and the percentage of resources that pass policy checks to which you want to adhere. The links in each column help you explore and gain the additional context you may need to take action.
You may see more failed resources on the Compliance Dashboard compared to the Asset Inventory. This is because the Asset Inventory only counts assets that belong to your cloud account, and the Compliance Dashboard includes foreign entities such as SSO or Federated Users that are not resources ingested directly from the monitored cloud accounts.
