How to Query Netskope Client Status Using REST API v2

Netskope Global Technical Success (GTS)

How to Query Netskope Client Status Using REST API v2

Netskope Cloud Version - 122

Objective

This document contains instructions for customers who wish to query Netskope Client status via Netkope Rest API v2.

Parent Article

Context

The Netskope Client periodically reports Client status to the Netskope backend to have visibility in the tenant UI for different aspects of Clients. For example, status about user-initiated actions (enable/disable), installation/upgrade status, current tunnel status (Up/Down) etc. Users can check the Client status logs on the device page on the tenant UI.

Through the use of a Client status iterator, the Netskope platform tracks log consumption though a simplified operational workflow. When a consumer requests a page of Client status events from the endpoint, Netskope delivers the requested events, and writes an index with the watermark of events provided. When the consumer has completed processing the requested page of events, the consumer simply requests the next page.

IMPORTANT

As opposed to Client Data (endpoint in Rest API v1: api/v1/clients), the iterator will only capture Client Status post its creation, not before.

Example #1:

The device page reports data in the last 7 days.
We created the iterator today at 13:00.
No new client events have been inserted within the Device Page post the creation of the iterator.
When querying Iterator, the response body will be empty.

Example #2:

The device page reports data in the last 7 days.
We created the iterator today at 13:00.
New client events have been inserted within the Device page post the creation of the iterator.
When querying Iterator, the response will contain the client status.

Workflow

Step 1

Path: Netskope Tenant UI >>> Settings >>> Tools >>> Rest API v2, and ensure that Rest API v2 is enabled.

AD_4nXe5uZMvZ4NdsHW3QmkW47ZekORFyC4FV5aLSoigwD8rLsfF9nJwC79hIswnUC7aMlQTRLuaX8P_MAKF8cJPhT7QB8nQG1xRN5KiZfSfGQyoKGg1U-WeS_1i3Qd4TOnPbVakbuG_mQ?key=L6XSN19Du-X_1dpQBre5JeFW

Step 2

Click on “New Token”, enter a token name, edit the expiration time, click on “add endpoint”, search by iterator, grant read and write access, save and copy the token.

AD_4nXfU0MPCmgPnb4VPMgW9XGBRUBJJKW-T62yq7MJYrRvtfzyRWHPUYGvnqNJ_do7RP_d9gCug3a6_2fV3qd-BIAU3ansnSDE2JDW_Z0sWlOoe8XbTDuSBujE6G6bamffFnftFZKou?key=L6XSN19Du-X_1dpQBre5JeFW

Step 3

Click on “API Documentation” to open Swagger page.

AD_4nXd8K4o6yRcL_Z_JmYhw93r1cFxlJGoPMnGrpbA4ZGed9iXm4tZCGW9PNG-r0tFguvjmF0bWtI6gFfuHQP-KnkRdLTKfALBsqsFnV3uQLNXe01meQetut4rGVv73R2Qaz4kN8nmk?key=L6XSN19Du-X_1dpQBre5JeFW

Step 4

Once Swagger is open, click on “Authorize” then add the token given above.

AD_4nXeWhy0wkg0BubloxqAKQVjc12faT1GC_vGKPqy3_gWgl8K7nplAX5GJl0zKCZlC5MFOupqt9bZSjtHGhZ-I3eCQ1HY43d18T6mtb0bL6jiBPiSx7P6HJX7tXbVOo_RGbcXRCC7vyA?key=L6XSN19Du-X_1dpQBre5JeFW

Step 5

Once the token is authorized, scroll down to find “/api/v2/events/dataexport/iterator/{name} Create a new iterator”, then click on “try it out”, then add a name and click on “Execute”

AD_4nXepnWP3KP1b4n7hWHERG-0-YI9h9chNsNPikekrWREf-ljyJX8BszlB-_f-DN1d6hCooRFII3QKz7a71aSU5tVrWTz-Tm1CP5QWlsQ-te9c-Hxp3s-uUh3szd_5sGbnuhkAMTjWog?key=L6XSN19Du-X_1dpQBre5JeFW

Note: Copy the iterator name given within the response body, for this example is:

MyFirstiterator_3489518e-2b97-4828-b60b-20db98723b7a

Step 6

Once we created an iterator, we need to ensure that is ready to be used, for this, now use: "/api/v2/events/dataexport/iterator/{name} Get iterator status", click on “try this out”, and enter the above iterator name, then click on “Execute”

AD_4nXd7VoeyxIe_eJd3jNZrVA9co2dGnP4v6L7EKqqWSOuazHD2vucJYp17mtP0kc6_MtgRdiUvAjLpRAFQkwuHlOE0Husw8EtDD8obIvg25NleqlL0rqDm3pEWPRp7iYH4GXx-2x9ZFA?key=L6XSN19Du-X_1dpQBre5JeFW

Step 7

Once our iterator is ready, we can pull client events generated and inserted on the Devices page from that moment and on.

Look for

"/api/v2/events/dataexport/iterator/{name}/events Export events generated by Netskope", then click on “try it out”, enter your iterator name, then click on “Execute”

AD_4nXck0nVbGt-Vdb5qvwCYOfPOsLo0G4XsGZpARaFVzh_PU1E-Zlm_3RtTKwuFs7ZyQ46HXPxiFyfESqIsp5ZI7ugbZijlbfH_E6CcL-GwCRzTkNmBpm8Zlih5SFjp1jBT9vJquYbqmQ?key=L6XSN19Du-X_1dpQBre5JeFW

Highlights

Response body contains the client data in a .csv format, which by clicking “download” will be shown as below

AD_4nXfMW-epkMY5gHUzGGZ9SCdVIrgBocCH4F7e-0DafgcV-OCsZ053ybm26PRmDag5pCHRaGfpNf1tUOzunu3fcttdvMFfpAMbq7hg5lI0bVEprc4aRMtBJfMN_GKllPwiqTRCX6HQ6A?key=L6XSN19Du-X_1dpQBre5JeFW

Review the wait_time attribute in the response header and wait for enough time accordingly, like “wait_time”: 1

API Limits

We allow only one Client status iterator per tenant.
Concurrent Create Iterator or Delete Iterator requests are not supported and could result in a request failure.
The iterator service is designed to stream the recent event logs with high speed. You can only request for event logs that are not older than a certain time period; older events are dropped automatically if not requested in time. The supported retention for Client status iterators is 7 days.
Concurrent event fetch requests on the same iterator are not supported and will result in request failure.
Multiple consumers request event logs from the same iterator concurrently is not supported and could result in the appearance of missing data on the consumer.

Terms & Condition

All documented information undergoes testing and verification to ensure accuracy.
In the future, If any such platform changes are brought to our attention, we will promptly update the documentation to reflect them.

Notes

This article is authored by Netskope Global Technical Success (GTS).
For any further inquiries related to this article, please contact Netskope GTS by submitting a support case with 'Case Type – How To Questions'.

Netskope Global Technical Success (GTS)

How to Query Netskope Client Status Using REST API v2

Sign up

Login with SSO

Login to the community

Login with SSO

Scanning file for viruses.

This file cannot be downloaded