Skip to main content
Question

CE Log Shipper - Netskope client device logs (disable client/re-enable client)

  • October 24, 2024
  • 1 reply
  • 108 views
1

Hello,

We are ingesting Netskope logs via CE Log Shipper into Elastic. These are events and alerts.

 

How can we ingest the Netskope client related events for users disabling/re-enabling the client? Advanced Analytics presents this information, so the logs exist. Can they be exported via CE Log Shipper?

Thanks.

    This topic has been closed for replies.

    1 reply

    notskope
    • notskope
    • New Member III
    • November 18, 2024

    Not as far as I know, bizarrely, client logs seems to be somewhat of an afterthought for Netskope. There was not even a V2 API for them until recently, and it’s implemented in a strange way compared to the other dataexport api endpoints:

     

    https://docs.netskope.com/en/using-the-rest-api-v2-dataexport-iterator-endpoints/#using-the-client-status-iterator-api

     

    As far as I can tell, Cloud Exchange does not attempt to pull client logs using this endpoint, as it is not required in the Cloud Exchange setup documentation:

    https://docs.netskope.com/en/api-tokens/#v2-rest-api-scopes

    Former Netskope PS Consultant, Current Netskope customer
    elawaetz

    Badges Winner

    Show all badges

    Not finding what you're looking for?

    Don't be shy and let us know about your challenge.

    Ask your question here!
    Terms & ConditionsCookie settingsAccessibility statement