Netskope
Netskope provides web filtering telemetry. Cyderes ingests Netskope Audit and Alert logs. Audit logs are generated when an admin performs critical activities in the Netskope platform. Alert logs include policy, DLP, and watch list alerts. Cyderes uses this information to track unauthorized or malicious web behaviors on endpoints.
Chronicle Data Types
- NETSKOPE_ALERT
Note
While we provide documentation for both the V1 and V2 APIs, Cyderes recommends that you use the V2 API steps, as the V1 API has been deprecated by Netskope.
Configuration V2 API
Please refer to the Netskope V2 REST API documentation on how to create a V2 API token.
Provide Read privileges to the following Netskope API endpoints:
- api/v2/events/data/alert
- api/v2/events/data/audit
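A quick way to confirm the token can read both endpoints before handing it over, as an added example (not Cyderes or Netskope code). It assumes the V2 API accepts the token in the `Netskope-Api-Token` request header and that a denied read returns HTTP 401 or 403; the environment variable names are hypothetical.

```python
import os
import urllib.error
import urllib.request

# The two V2 endpoints the token must be able to read (from the list above).
REQUIRED_ENDPOINTS = ("api/v2/events/data/alert", "api/v2/events/data/audit")


def build_request(tenant_url, endpoint, token):
    """Build a GET request carrying the token in the Netskope-Api-Token header."""
    url = f"{tenant_url.rstrip('/')}/{endpoint}"
    return urllib.request.Request(url, headers={"Netskope-Api-Token": token})


def http_status(request, timeout=10):
    """Send the request and return only the HTTP status code."""
    try:
        with urllib.request.urlopen(request, timeout=timeout) as resp:
            return resp.status
    except urllib.error.HTTPError as err:
        return err.code


def classify(status):
    """Map a status code to a finding (assumes standard HTTP semantics)."""
    if status == 200:
        return "ok"
    if status in (401, 403):
        return "denied: token invalid or missing Read on this endpoint"
    return f"unexpected: HTTP {status}"


def check_token(tenant_url, token, fetch=http_status):
    """Return {endpoint: finding} for every required endpoint."""
    return {
        ep: classify(fetch(build_request(tenant_url, ep, token)))
        for ep in REQUIRED_ENDPOINTS
    }


if __name__ == "__main__":
    # Hypothetical variable names; the token is read from the environment
    # so it never lands in shell history or in the script itself.
    results = check_token(os.environ["NETSKOPE_TENANT_URL"],
                          os.environ["NETSKOPE_API_TOKEN"])
    for endpoint, finding in results.items():
        print(f"{endpoint}: {finding}")
    raise SystemExit(0 if all(f == "ok" for f in results.values()) else 1)
```

A non-zero exit code means at least one endpoint did not return 200, so the token's privileges should be reviewed before it is shared.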
Configuration V1 API
Please refer to the Netskope V1 REST API documentation on how to create a V1 API token.
- In the Netskope UI, navigate to Settings -> Tools -> Rest API
- Create a token and record its value
Gather Information
Provide the following information to Cyderes to complete implementation:
- Netskope Tenant Name - company specific tenant URL
- Netskope API Token - the API token generated