Netskope
  • 25 Mar 2025
  • 2 Minutes to read
  • Dark
    Light

Netskope

  • Dark
    Light

Article summary

Netskope is a SASE solution that provides data protection, and threat prevention across cloud apps, web traffic, and private applications. It helps organizations enforce policies, detect threats, and prevent data loss while ensuring compliance. For detailed information, refer to Netskope’s official documentation.

Integration Method: API

Tables: Detection Finding (2004), Network activity (4001)

This integration supports the following events.

Event

Description

Alerts

Captures alert data on security and compliance violations, including file details, user activity, policy violations, and exposure risks.

Pages

Captures detailed logs of user web activity, including accessed URLs, application usage, connection details, data transfer, and geolocation information.

This integration supports the following versions.

Netskope Version

124.0.2.163

Netskope API Version

v2

Prerequisites

  • The user should have access to Netskope console. 

  • The user should have access to the DataBee console.

Configuration Overview

  1. Create an API Token with required permissions to fetch the data.

  2. Create Netskope data feed in the DataBee console with the required Client credentials.

    DataBee Parameter

    Netskope Parameter

    API Base URL (< instance >)

    Instance URL

    Token

    Token

Netskope Configuration

  1. Login to the Netskope console. Extract the instance name from the URL, as it is required for configuring the DataBee UI.
     Inserting image...

  2. Clicking the Settings button will open the settings page in a new tab.
     

  3. Click on the Tools button.
     

  4. Click on the REST API v2 button.
     

  5. Click on the NEW TOKEN button.
     

  6. Enter ‘TOKEN NAME’.
     

  7. In the ‘EXPIRE IN’ field, enter 12 and select Month(s) from the dropdown.
     

  8. Click on the ADD ENDPOINT button.
     

    Note:

    Token expiration is set for one year. Ensure reconfiguration of the token after that to maintain seamless data ingestion.

  9. In the ‘SCOPE’ section, add the endpoints mentioned below to enable access.

    Endpoint

    Description

    /api/v2/events/data/alerts

    Get a list of all alerts in the Netskope instance

    /api/v2/events/data/page

    Get the full details for a user web activity

    1. Search for events/data/alerts, then locate and select the /api/v2/events/data/alert endpoint.
       

    2. Search for events/data/page, then locate and select the /api/v2/events/data/page endpoint.
       

    3. After the above point, the permission scope should be structured as follows.
       

  10. Click on the SAVE button.
     

  11. Click on the COPY TOKEN to copy the token to your clipboard. Ensure you store the token in a secure location, as you will not be able to view it again.
     

    Note:

    Ensure you store the token in a secure location, as you will not be able to view it again.

  12. Click on the OK button.
     

DataBee Configuration

  1. Login to the DataBee UI, navigate to Data > Data Feeds and click the Add New Data Feed button.
     Inserting image...

  2. Search for Netskope and select it.
     

  3. Click on the API Ingest.
     Inserting image...

  4. Enter feed contact information and click Next.
     

  5. In the configuration page, enter the following:

    • Authorization Method: Bearer Token

    • API Base URL: this is the base URL that DataBee will interact with.

      • Replace <instance> with your Instance according to your Instance URL.

    • Token: paste the Token generated earlier in the Netskope portal.

    • Event Types: preselected for all the event types that integration pulls.

  6. Click Submit.

Troubleshooting Tips

  • If you encounter an Unauthorized error, it may indicate that the authentication token has expired or deleted. In this case, regenerate the token to restore access. To prevent potential issues, consider pasting the token into a text editor to verify that there are no extra spaces or unexpected characters before reconfiguring the DataBee feed.


Was this article helpful?

What's Next
Changing your password will log you out immediately. Use the new password to log back in.
First name must have atleast 2 characters. Numbers and special characters are not allowed.
Last name must have atleast 1 characters. Numbers and special characters are not allowed.
Enter a valid email
Enter a valid password
Your profile has been successfully updated.
ESC

Eddy AI, facilitating knowledge discovery through conversational intelligence