1. Home
    2. Prisma
    3. Prisma Cloud
    4. Prisma™ Cloud Resource Query Language (RQL) Reference
    5. Prisma Cloud RQL Reference
    6. Event Query

    Event Query

    Use Event Query for insight into privileged activities, and suspicious or anamolous activities in your cloud environment.
    Event queries help you to detect and investigate console and API access events, monitor privileged activities, detect account compromise, and detect unusual user behavior in your cloud environments.
    To investigate events, use
    event from cloud.audit_logs where
     queries in the search box on the
    Investigate
     tab of the Prisma Cloud administrative console. The query uses the event data that Prisma Cloud ingested from the audit logs to help you learn who did what and when on your cloud assets.

    Recommended For You

    Recommended Videos

    Recommended videos not found.

    © 2023 Palo Alto Networks, Inc. All rights reserved.

    Techdocs Logo