Skip to main content

Netskope V2

netskope

Version: 1.1
Updated: Jul 13, 2023

Netskope provides unrivaled visibility and real-time data and threat protection when accessing cloud services, websites, and private apps from anywhere, on any device.

Actions

  • Get Alert (Enrichment) - Get single alert.
  • List Alerts (Enrichment) - Get a list of alerts generated by Netskope.
  • List Events (Enrichment) - Get a list of events generated by Netskope.
  • Get URL Lists (Enrichment) - Get URL lists.
  • Update URL List (Containment) - Edit an URL list.
  • Netskope Get Alert List Daemon (Daemon) - Daemon to extract alerts generated by Netskope.
  • Netskope Get Event List Daemon (Daemon) - Daemon to events alerts generated by Netskope.

Neskope V2 configuration

Netskope REST APIs use an auth token to make authorized calls to the API. Netskope REST APIs provide access to resources via URI paths. The token must be used in every REST API call for the tenant. The token can be created for use with specified APIs in the Netskope UI by going to Settings > Tools > Rest API v2.

  1. On the REST API v2 page, click New Token.
  2. Enter a token name, the token expiration time, and then click Add Endpoint to select the API endpoints to use with the token.
  3. Specify the privileges for each of the endpoints added. Read privileges include GET, and Read+Write privileges include GET, PUT, POST, PATCH, and DELETE. Endpoint privileges vary. Some endpoints, like alert and audit (and others) only have the Read privilege; whereas, the URL list/file endpoint only has Read+Write privileges. For this Integration following endpoints are required:
    netskope-v2
  4. When finished, click Save.
  5. A confirmation box opens showing whether the token creation was a success. If so, click Copy Token to save it for later use in your API requests.

Important - The only opportunity to copy the token is immediately after you create it. The token is required in your API requests.
netskope-v2

When finished, click OK. After being created, tokens can be managed by clicking the adjacent ... icon for the token and selecting one of these options:
netskope-v2

Netskope V2 in Automation Service and Cloud SOAR

  1. To configure the integration, log into the application, expand the configuration menu in the top right corner by hovering over the gear icon and click Automation.
    netskope-v2
  2. In the Automation section, on the left menu, click Integrations.
    netskope-v2
  3. After the list of the integrations appears, search for the integration and click on the row.
  4. The integration details will appear. Click on the "+" button to add new Resource.
    netskope-v2
  5. Populate all the required fields (*) and then click SAVE.
    • Server URL. URL for API V2 REST API (https://<tenant-name>.goskope.com).
    • Token. The Token you copied earlier.
  6. Additionally, if need you can populate the query daemons.
  7. To make sure the resource is working, hover over the resource and then click the pencil icon that appears on the right.
    netskope-v2
  8. Click Test.
    netskope-v2
  9. You should receive a successful notification in the bottom right corner.
    netskope-v2

Change Log

  • December 21, 2022 - First upload
  • July 13, 2023 (v1.1)
    • Changed fields visibility
    • Changed Daemon compatibility
Legal
Privacy Statement
Terms of Use

Copyright © 2024 by Sumo Logic, Inc.