Prisma Cloud Asset Inventory

Use the Asset Inventory dashboard to see up-to-date information on all cloud resources that you are using Prisma Cloud to monitor and secure.
The Asset Inventory dashboard (on the
Inventory
tab) provides a snapshot of the current state of all cloud resources or
assets
that you are monitoring and securing using Prisma Cloud. From the dashboard, you gain operational insight over all our cloud infrastructure, including assets and services such as Compute Engine instances, Virtual machines, Cloud Storage buckets, Accounts, Subnets, Gateways, and Load Balancers.
Assets are displayed by default for all account groups, which the service monitors, for the most recent time range (last full hour). The interactive dashboard provides filters to change the scope of data displayed, so that you can analyze information you want to view in greater detail.
asset-inventory-new.png
At a glance the Asset Inventory dashboard four sections:
  • Resource Summary
    - Shows the count of the
    Total Unique Resources
    monitored by Prisma Cloud. Click the link to view all the assets on the Asset Explorer. For all these assets, you can toggle to view the following details as numeric value or a percentage:
    • Pass
      —Displays the resources without any open alerts. Click the link for the passed resources and you will be redirected to the
      Asset Explorer
      that is filtered to display all the resources that have
      Scan Status
      set to
      Pass
      .
      asset-explorer.png
    • Low/Medium/High
      —Displays the resources that have generated low, medium, or high severity alerts. On the asset inventory, when a resource triggers multiple alerts, the asset severity assigned to it matches the highest risk to which it is exposed. When you click the link, you will be redirected to the Asset Explorer that is filtered to display all the resources that match the corresponding
      Asset Severity
      level.
      The
      View Alerts
      link enables you to view a list of all resources that have open alerts sorted by severity. Click each link to view the Alerts Overview sorted for low, medium or high severity alerts. You can review the policies that triggered the alerts along with a count of the total number of alerts for each policy.
    • Fail
      —Displays the total number of resources that have generated at least one open alert when the hourly snapshot was generated. Click the link and you will be redirected to the Asset Explorer that is filtered to display all resources that have
      Scan Status
      set to
      Failed
      .
  • Asset Trend
    —Trend line to help you monitor the overall health of your cloud resources starting when you added the first cloud account on Prisma Cloud through the time when the hourly snapshot was generated. The green, blue and red trend lines are overlaid to visually display the pass and failed resources against the total resource count. The trends depict the overall security posture of your resources and how they are performing over time so you can identify sudden surges with failed policy checks or sustained improvements with passing policy checks.
  • Asset Classification
    —Bar graph for each cloud type (default), region name, or account name that depicts the ratio of passed to failed resources. This interactive graph allows you to drill into the passed and failed resources for details on the corresponding services that passed or failed policy checks; you can click and drag a section of the chart to zoom in further.
  • Tabular data
    — The table enables you to group the results by account name, cloud region, or service name (default) and then drill down to view granular information on the resource types within your cloud accounts. All global resources for each cloud are grouped under AWS Global, Alibaba Cloud Global, Azure Global, and GCP Global.
    Each row displays the service name with details on the cloud type (which you can filter on), and the percentage of resources that pass policy checks to which you want to adhere. The links is each column help you explore and gain the additional context you may need to take action.
You may see more failed resources on the Compliance Dashboard compared to the Asset Inventory. This is because the Asset Inventory only counts assets that belong to your cloud account, and the Compliance Dashboard includes foreign entities such as SSO or Federated Users that are not resources ingested directly from the monitored cloud accounts.

Recommended For You