You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Copy file name to clipboardExpand all lines: docs/platform-services/automation-service/app-central/integrations/netskope-v2.md
+35-15Lines changed: 35 additions & 15 deletions
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -22,19 +22,39 @@ Netskope provides unrivaled visibility and real-time data and threat protection
22
22
***Netskope Get Alert List Daemon***(Daemon)* - Daemon to extract alerts generated by Netskope.
23
23
***Netskope Get Event List Daemon***(Daemon)* - Daemon to events alerts generated by Netskope.
24
24
25
-
## Neskope V2 configuration
26
-
27
-
[Netskope REST APIs](https://docs.netskope.com/en/rest-api-v2-overview-312207/) use an auth token to make authorized calls to the API. Netskope REST APIs provide access to resources via URI paths. The token must be used in every REST API call for the tenant. The token can be created for use with specified APIs in the Netskope UI by going to **Settings > Tools > Rest API v2**.
28
-
29
-
1. On the REST API v2 page, click **New Token**.
30
-
1. Enter a token name, the token expiration time, and then click **Add Endpoint** to select the API endpoints to use with the token.
31
-
1. Specify the privileges for each of the endpoints added. Read privileges include GET, and Read+Write privileges include GET, PUT, POST, PATCH, and DELETE. Endpoint privileges vary. Some endpoints, like alert and audit (and others) only have the Read privilege; whereas, the URL list/file endpoint only has Read+Write privileges. For this Integration following endpoints are required:<br/><img src={useBaseUrl('/img/platform-services/automation-service/app-central/integrations/netskope-v2/netskope-v2-2.png')} style={{border:'1px solid gray'}} alt="netskope-v2" width="600"/>
32
-
1. When finished, click **Save**.
33
-
1. A confirmation box opens showing whether the token creation was a success. If so, click **Copy Token** to save it for later use in your API requests.
34
-
35
-
**Important** - The only opportunity to copy the token is immediately after you create it. The token is required in your API requests.<br/><img src={useBaseUrl('/img/platform-services/automation-service/app-central/integrations/netskope-v2/netskope-v2-3.png')} style={{border:'1px solid gray'}} alt="netskope-v2" width="400"/>
36
-
37
-
When finished, click **OK**. After being created, tokens can be managed by clicking the adjacent **...** icon for the token and selecting one of these options: <br/><img src={useBaseUrl('/img/platform-services/automation-service/app-central/integrations/netskope-v2/netskope-v2-4.png')} style={{border:'1px solid gray'}} alt="netskope-v2" width="200"/>
25
+
## Neskope RBACv3 token configuration
26
+
27
+
[Netskope RBACv3 configuration](https://docs.netskope.com/en/netskope-rbac-v3-overview) use an auth token to make authorized calls to the API. Netskope REST APIs provide access to resources via URI paths. The token must be used in every REST API call for the tenant. The token can be created for use with specified APIs in the Netskope UI by going to **Settings > Administration > Administrators & Roles**.
28
+
29
+
### Netskope role and service account setup
30
+
31
+
Follow the steps below to create a role with the required function scope and obtain a service account token for use in the Netskope Data Connector tile.
32
+
33
+
1. Create role with required function scope:
34
+
1. In the Netskope console, go to **Settings > Administration > Administrators & Roles**.
35
+
1. Navigate to the **Roles** tab.
36
+
1. Click **Create Role** (or edit an existing one).
1. In the same section, click on the **Administrators** tab.
52
+
1. Select **Service Account**.
53
+
1. Select the **Role** created in the last step.<br/><img src={useBaseUrl('/img/platform-services/automation-service/app-central/integrations/netskope-v2/Netskope_ServiceAccount_Creation.png')} style={{border:'1px solid gray'}} alt="netskope-v2" width="600"/>
54
+
1. Copy the generate service account token.<br/><img src={useBaseUrl('/img/platform-services/automation-service/app-central/integrations/netskope-v2/Netskope_API_Token.png')} style={{border:'1px solid gray'}} alt="netskope-v2" width="400"/>
55
+
:::warning Important
56
+
Keep this token secure.
57
+
:::
38
58
39
59
## Configure Netskope V2 in Automation Service and Cloud SOAR
40
60
@@ -49,7 +69,7 @@ import IntegrationTimeout from '../../../../reuse/automation-service/integration
49
69
* <IntegrationLabel/>
50
70
***Server URL**. Enter the URL for API V2 REST API in the format `https://<tenant-name>.goskope.com`
51
71
52
-
***Tenant API Token**. Enter the [API token](https://docs.netskope.com/en/api-tokens-2/) you [copied earlier](#neskope-v2-configuration).
72
+
***Tenant API Token**. Enter the [API token](https://docs.netskope.com/en/api-tokens-2/) you [copied earlier](#netskope-role-and-service-account-setup).
53
73
54
74
***Event Type**. Select the [event type](https://docs.netskope.com/en/skope-it-query-language/#event-types) (additionally, if you need to, you can populate the query daemons):
55
75
***Application**
@@ -62,7 +82,7 @@ import IntegrationTimeout from '../../../../reuse/automation-service/integration
0 commit comments