Step 1: Enable console access
Having read-only access to the interface of your technology allows Expel to dig deeper when performing incident investigations. Our device health team uses this access to investigate potential health issues with your tech.
- Open Console and log in with your admin credentials.
- Go to Manage > Authentication > Users.
- Click Add user.
- Type email@example.com as the username.
- Type a password.
Assign the user the DevSecOps User role for single-tenant or the Admin role for multi-tenant (On-prem deployments only). Note: The Admin role is a high level of access, but Prisma Cloud Compute requires the Admin role to grant read access to the projects API for multi-tenant.
- Click Save.
Step 2: Determine Prisma Cloud Compute console URL
Prisma Cloud Compute can be either a self-hosted or SaaS installation. The Prisma Cloud Compute console URL depends on your specific installation. Use the following sections to determine your Prisma Cloud Compute console URL.
For self-hosted environments, the Prisma Cloud Compute API is exposed on port 8083 (HTTPS). This port is specified at install time in twistlock.cfg.
- For Kubernetes Installations (most common):
- Console service is exposed by a LoadBalancer.
- The console URL is the LoadBalancer followed by port 8083: https://<LOAD_BALANCER>:8083
- For Onebox installations:
- Console installed on a standalone host.
- The Console URL is the IP address or DNS name of the host followed by port 8083: https://<IP_ADDRESS>:8083
- Log into Console.
- Go to Compute > Manage > System > Downloads.
- The console URL is listed under Path to Console.
Step 3: Configure the technology in Workbench
Now that we have all the correct access configured and have noted the credentials, we can integrate your tech with Expel.
Register device in Expel Workbench
- In a new browser tab, login to https://workbench.expel.io.
- On the console page, navigate to Settings and click Security Devices.
- At the top right of the page, select Add Security Device.
- Search for and select your technology
If you are a running a Prisma Cloud Compute SaaS installation, then select Cloud for Where is your device (as shown above).
If you are running a Prisma Cloud Compute self-hosted installation, select On-prem and then select Assembler from the list. Select the assembler you set up in Step 2 of the Getting Started with Expel guide.
- For Name and Location type Prisma and for location either Cloud or On-prem.
- For Username type the user created in Step 1.
- For Password type password created in Step 1.
- For Server address type the console URl determined in Step 2.
- For Username and Password in the optional Console Login section fields can be filled in with the username and password created in Step 1.
- Click Save.
After a few minutes, refresh the Security Devices page and you see your device status reporting as Healthy, or if there is an issue, you see details of what the issue may be.
To check if alerts are coming through, navigate to Alerts on the console page. Click the icon in the upper right to switch to grid view, then check the list for device alerts.