Merge pull request #153 from PaloAltoNetworks/feature/add-severityto-…

…alert-list add policy severity to alert list command
PaloAltoNetworks · Nov 23, 2023 · 5e052ec · 5e052ec
2 parents 465dffd + 4e137dc
commit 5e052ec
Show file tree

Hide file tree

Showing 2 changed files with 18 additions and 3 deletions.
diff --git a/prismacloud/cli/cspm/cmd_alert.py b/prismacloud/cli/cspm/cmd_alert.py
@@ -3,6 +3,7 @@
 
 from prismacloud.cli import cli_output, pass_environment
 from prismacloud.cli.api import pc_api
+from urllib.parse import quote
 
 
 @click.group(
@@ -53,10 +54,23 @@ def list_alerts(compliance_standard, cloud_account, account_group, amount, unit,
     alerts = pc_api.get_endpoint("alert", query_params=data, api="cspm")
 
     # Try to add a new column with a url to the alert investigate page
-    url = "https://app.eu.prismacloud.io/investigate/details?resourceId="
+    base_url = f"https://{pc_api.api.replace('api', 'app')}/alerts/overview?viewId=default"
+
     for alert in alerts:
         try:
-            alert["alert.resource.url"] = f"{url}{alert['resource']['rrn']}"
+            alert_id = alert['id']
+            # Correctly using double braces for literal curly braces in f-string
+            filters = (
+                f'{{"timeRange":{{"type":"to_now","value":"epoch"}},'
+                f'"timeRange.type":"ALERT_OPENED","alert.status":["open"],'
+                f'"alert.id":["{alert_id}"]}}'
+            )
+            # Encoding the filters part
+            encoded_filters = quote(filters)
+
+            # Constructing the full URL
+            alert_url = f'{base_url}&filters={encoded_filters}'
+            alert["alert.resource.url"] = alert_url
         except Exception:  # pylint:disable=broad-except
             pass
 
@@ -69,6 +83,7 @@ def list_alerts(compliance_standard, cloud_account, account_group, amount, unit,
         for policy in policies:
             if policy["policyId"] == alert["policyId"]:
                 alert["policy.name"] = policy["name"]
+                alert["policy.severity"] = policy["severity"]
                 alert["policy.description"] = policy["description"]
     logging.debug("Done iterating through alerts and adding policy information")
 

diff --git a/prismacloud/cli/version.py b/prismacloud/cli/version.py
@@ -1 +1 @@
-version = "0.7.7"
+version = "0.7.8"