Device Details

| Vendor | Netskope |
|---|---|
| Device Type | Cloud Application Security Broker |
| Supported Model Name/Number | Netskope |
| Supported Software Version(s) | N/A |
| Collection Method | Syslog |
| Configurable Log Output? | No |
| Log Source Type | Syslog |
| Log Processing Policy | LogRhythm Default |
| Exceptions | N/A |
| Additional Information | N/A |

Prerequisites
Deployment of application and its credentials.
Currently Supported Log Types

| Type | Product Version | Supported Schema Fields |
|---|---|---|
| Anomalous Action Identified | N/A | Action, Login, Object, Object Type, Process, Result, Severity, SIP, User-Agent |
| Data Loss Prevention Violations | N/A | Action, Hash, Login, Object, Object Type, Policy, Result, Severity, Size, User-Agent |

Parsed Metadata Fields

| Product Field Name | LogRhythm Metadata Field | Value/Data Type |
|---|---|---|
| - | <severity> | Text/String |
| alert_type | <result> | Text/String |
| browser | <useragent> | Text/String |
| event_type | <process> | String |
| file_size | <size> | Numeric |
| md5 | <hash> | Md5sum |
| ns_activity | <action> | Text/String |
| object | <object> | Text/String |
| object_type | <objecttype> | Text/String |
| policy | <policy> | Policy |
| srcip | <sip> | IP Address |
| user_id | <login> | String |