Netskope Monitoring

Updated Nov 15, 2023

Configure Netskope for Arctic Wolf monitoring

You can configure Netskope® to send the necessary logs to Arctic Wolf® for security monitoring.

Requirements

Steps

  1. Create an API token.
  2. Provide your Netskope credentials to Arctic Wolf.

Step 1: Create an API token

  1. Sign in to the Netskope dashboard.

  2. Click Settings > Tools > REST API v2.

  3. If the Rest API Status is Disabled, click edit to enable it.

  4. In the Create REST API Token dialog, click New Token.

  5. In the TOKEN NAME field, enter a name for the token.

  6. In the EXPIRE IN field, enter an expiry date that aligns with your needs.

  7. Click Add Endpoint.

  8. In the SCOPE section, for each dataexport endpoint, select the corresponding Read checkbox.

  9. Click Save.

    A confirmation box displays the API token.

  10. Copy the API token, and then save it in a safe, encrypted location. You will provide it to Arctic Wolf later.

  11. Click OK.

Step 2: Provide your Netskope credentials to Arctic Wolf

  1. Sign in to the Arctic Wolf Unified Portal.

  2. In the menu bar, click Telemetry Management > Connected Accounts.

  3. Click Add Account +.

  4. On the Add Account page, in the Account Type list, select Cloud Detection and Response.

  5. In the Cloud Services list, select Netskope.

  6. On the Add Account page, configure these settings:

    • Account Name — Enter a unique and descriptive name for the account.

    • API URL — Enter the API URL that you used to sign in to Netskope in Create an API token.

      Note: The URL must include https://. For example, https://<instance_name>.goskope.com.

    • API Token — Enter the API token from Create an API token.

    • Credential Expiry — (Optional) Enter the expiration date if the credentials have an expiry date.

  7. Click Test and submit credentials.

See also