1. Home
    2. Prisma
    3. Prisma Cloud
    4. Prisma™ Cloud Resource Query Language (RQL) Reference
    5. Prisma Cloud RQL Reference
    6. Prisma Cloud Resource Query Language (RQL)

    Prisma Cloud Resource Query Language (RQL)

    Learn what RQL is and how to use this powerful tool to investigate issues in real-time in your cloud environments.
    Prisma Cloud Resource Query Language (RQL) is a powerful and flexible tool that helps you gain security and operational insights about your deployments in public cloud environments. You can use RQL to perform configuration checks on resources deployed on different cloud platforms and to gain visibility and insights into user and network events. You can use these security insights to create policy guardrails that secure your cloud environments.
    RQL is a structured query language that resembles Structured Query Language (SQL). RQL supports the following types of queries:
    • Config
      —Use Config Query to search for the configuration of the cloud resources.
    • Event
      —Use Event Query to search and audit all the console and API access events in your cloud environment.
    • Network
      —Use Network Query to search real-time network events in your environment.
    Use RQL to find answers to fundamental questions that help you understand what is happening on your network. For example, you can find answers to the following questions:
    • Do I have S3 buckets with encryption disabled?
    • Do I have databases that are directly accessible from the internet?
    • Who uses a root account to manage day-to-day administrative activities on my network?
    • Which cloud resources are missing critical patches that make them exploitable?

    Related Documentation

    RedLock Query Language (RQL)

    Learn what is RQL and how you can use this powerful tool to investigate issues on your cloud environments in real-time ...

    Prisma Cloud RQL Reference

    Learn how the Prisma Cloud Resource Query Language works ...

    RedLock RQL Reference

    Learn how the RedLock Query Language works ...

    Investigate Incidents on Prisma Cloud

    Learn how to use Prisma Cloud to investigate config, audit, and network incidents. ...

    Config Query

    Use Config Query to dig in to the configuration of the resources deployed in public cloud environments. ...

    Investigate Incidents on RedLock

    Investigate Incidents on RedLock RedLock helps you visualize your entire cloud infrastructure and provides insights into security and compliance risks. The RedLock service helps you ...

    Create a Policy

    Create a custom policy to meet your specific needs for compliance or monitoring of cloud resources. ...

    Event Query

    Use Event Query for insight into privileged activities, and suspicious or anamolous activities in your cloud environment. ...

    Config Query

    Use config queries to dig in to the configuration of the resources deployed on the public cloud environments. ...

    Network Query

    Use Network Query to find real-time network security risks on your resources deployed in public cloud environments. ...

    © 2019 Palo Alto Networks, Inc. All rights reserved.

    Techdocs Logo