Netskope
  • 22 Feb 2024
  • 1 Minute to read
  • Dark
    Light
  • PDF

Netskope

  • Dark
    Light
  • PDF

Article Summary

Netskope Security Cloud provides threat protection for cloud services, websites, and private applications.

Types of Assets Fetched

This adapter fetches the following types of assets:

  • Devices

  • Users

  • SaaS data

Parameters

  1. Netskope Domain (required) - The hostname of the Netskope server.

  2. API Token (required) - Specify your account API key or an API token you have created.

  3. Verify SSL - Select whether to verify the SSL certificate offered by the host supplied in Netskope Domain. For more details, see SSL Trust & CA Settings.

    • If enabled, the SSL certificate offered by the host will be verified against the CA database inside of Axonius. If it fails validation, the connection will fail with an error.

    • If disabled, the SSL certificate offered by the host will not be verified against the CA database inside of Axonius.

  4. HTTPS Proxy (optional) - A proxy to use when connecting to Netskope Domain.

    • If supplied, Axonius will utilize the proxy when connecting to the host defined for this connection.

    • If not supplied, Axonius will connect directly to the host defined for this connection.

To learn more about common adapter connection parameters and buttons, see Adding a New Adapter Connection.

Advanced Settings

Note:

Advanced settings can either apply for all connections for this adapter, or you can set different advanced settings and/or different scheduling for a specific connection, refer to Advanced Configuration for Adapters

  1. Fetch mobile devices (required, default: True) - Choose whether to fetch mobile devices in addition to standard devices.

    • If enabled, all connections for this adapter will fetch mobile devices.

    • If disabled, all connections for this adapter will not fetch mobile devices.

  2. Fetch users from alerts less than X days old (required, default: 0) - Choose whether to fetch alerts triggered by users created in the number of days defined in the field

  3. Fetch the last seen date from events - Select this option to populate the Last Seen field with the date from the events endpoint of the Netskope API.

  4. Do not ingest duplicates - Select this option so that the adapter will ignore assets with the same NS Device UID if any were ingested previously during the same fetch.

  5. Use API V2 - Select this option to fetch data using the API V2 (API V2 only fetches users and SaaS applications).

Required Permissions

If using API V2, permissions for at least one of the below listed endpoints are required:

  • events/dataexport/events/alert

  • events/dataexport/events/application

  • events/dataexport/events/audit

  • events/dataexport/events/connection

  • events/dataexport/events/incident

  • events/dataexport/events/infrastructure

  • events/dataexport/events/network

  • events/dataexport/events/page

  • events/dataexport/events/endpoint



Was this article helpful?

What's Next
Changing your password will log you out immediately. Use the new password to log back in.
First name must have atleast 2 characters. Numbers and special characters are not allowed.
Last name must have atleast 1 characters. Numbers and special characters are not allowed.
Enter a valid email
Enter a valid password
Your profile has been successfully updated.