Syslog - Netskope
Device Details
Vendor | Netskope |
|---|---|
Device Type | Cloud Application Security Broker |
Supported Model Name/Number | Netskope |
Supported Software Version(s) | N/A |
Collection Method | Syslog |
Configurable Log Output? | No |
Log Source Type | Syslog |
Log Processing Policy | LogRhythm Default |
Exceptions | N/A |
Additional Information | N/A |
Prerequisites
Deployment of application and its credentials.
Currently Supported Log Types
Type | Product Version | Supported Schema Fields |
|---|---|---|
Anomalous Action Identified | N/A | Action, Login, Object, Object Type, Process, Result, Severity, SIP, User-Agent |
Data Loss Prevention Violations | N/A | Action, Hash, Login, Object, Object Type, Policy, Result, Severity, Size, User-Agent |
Parsed Metadata Fields
Product Field Name | LogRhythm Metadata Field | Value/Data Type |
|---|---|---|
- | <severity> | Text/String |
alert_type | <result> | Text/String |
browser | <useragent> | Text/String |
event_type | <process> | String |
file_size | <size> | Numeric |
md5 | <hash> | Md5sum |
ns_activity | <action> | Text/String |
object | <object> | Text/String |
object_type | <objecttype> | Text/String |
policy | <policy> | Policy |
srcip | <sip> | IP Address |
user_id | <login> | String |