Netskope : Security Assessment

Vendor Documentation

https://www.netskope.com/blog/introducing-continuous-security-assessment-for-google-cloud-platform

Classification

Rule Name	Rule Type	Classification	Common Event
Netskope : Security Assessment	Base Rule	Other Security	General Security

Mapping with LogRhythm Schema

Device Key in Log Message	LogRhythm Schema	Data Type
Device vendor	N/A	N/A
device product	N/A	N/A
Device version	N/A	N/A
Device event class id	<vmid>	Text/String
Event name	N/A	N/A
Severity of the event	<severity>	Text/String
access_method	N/A	N/A
activity	N/A	N/A
action	<action>	Text/String
application category	<subject>	Text/String
browser	N/A	N/A
cci	N/A	N/A
ccl	N/A	N/A
instance_id	N/A	N/A
object	N/A	N/A
os	N/A	N/A
policy	<policy>	Text/String
app	N/A	N/A
account_id	N/A	N/A
asset_object_id	N/A	N/A
iaas_asset_tags	N/A	N/A
sa_profile_name	N/A	N/A
sa_rule_name	<vendorinfo>	Text/String
sa_rule_remediation	N/A	N/A
site	N/A	N/A
user	<login>	Text/String
timestamp	N/A	N/A
sourceservicename	<process>	Text/String