https://github.com/paloaltonetworks/pc-csv-alert-dismissal

Simple script to dismiss alerts from a supplied CSV file.
https://github.com/paloaltonetworks/pc-csv-alert-dismissal

cloud prisma prisma-cloud prisma-cloud-compute-edition

Last synced: 3 months ago
JSON representation

Simple script to dismiss alerts from a supplied CSV file.

• Host: GitHub
• URL: https://github.com/paloaltonetworks/pc-csv-alert-dismissal
• Owner: PaloAltoNetworks
• License: isc
• Created: 2022-09-29T17:33:39.000Z (over 2 years ago)
• Default Branch: main
• Last Pushed: 2022-09-29T17:41:17.000Z (over 2 years ago)
• Last Synced: 2025-01-12T00:30:00.561Z (4 months ago)
• Topics: cloud, prisma, prisma-cloud, prisma-cloud-compute-edition
• Language: Python
• Homepage:
• Size: 5.86 KB
• Stars: 0
• Watchers: 4
• Forks: 1
• Open Issues: 0
• Metadata Files:
  • Readme: README.md
  • Contributing: CONTRIBUTING.md
  • License: LICENSE

Awesome Lists containing this project

README

        
# Overview

This script accepts a CSV file that contains Alert IDs and Dismissal Reasons.

The script groups Alerts by their Dismissal Reason and dismisses Alerts in batches.

# Installation

pip3 install loguru

pip3 install pcpi

# Running the script

Defaults to file named "input.csv".

```python3 dismiss.py```

Specify the path to the input csv using the "-file" option.

```python3 dismiss.py -file inputfilename.csv```

# Notes

### One

The script accepts a csv file with the following format:

```Alert ID,Policy Name,dismissalNote```

### Two

The script is set to read credentials from a file by default. If the file does not exist, then the script will create the file for you.

You can also have the script read from environment variables or directly from the user.

Authentication with Prisma Cloud is handled by pcpi (Prisma Cloud Python Integration).

Please refer to the GitHub page for this library for more details.

[https://github.com/PaloAltoNetworks/pc-python-integration](https://github.com/PaloAltoNetworks/pc-python-integration)