Solved

Crowdstrike NG SIEM Integration Netskope

  • December 2, 2025
  • 3 replies
  • 81 views

govi33

Hi All,

 

Has anyone integrated Crowdstrike NG SIEM with Netskope? In Crowdstrike I can see that there is a native integration with Netskope and it requires an API key. The API V2 document which is available in the Crowdstrike portal is outdated. In Netskope, we need to create a role and then generate an API key. Not sure which role we should assign in the Netskope tenant before generating the API key.

Also, correct me if creating a role in Tenant Admin and generating an API key is the wrong method.

 

Thank you in Advance.

Govi33

3 replies

notskope
  • New Member III
  • December 16, 2025

You can create whatever role name you want, just set the following permissions:

    

Hover over the “i” to see the API scopes that are linked to the permission:

 

 


govi33
  • Author
  • New Member
  • December 19, 2025

@NOTSCOPE

You can create whatever role name you want, just set the following permissions:

    

Hover over the “i” to see the API scopes that are linked to the permission:

 

 

Thank you for the info; however, I see that Netskope is using RBAC V3 and our tenant is already upgraded to RBAC. What I understand from some of the Netskope articles I read is that we need to use an AWS S3 bucket to ship logs, and then Crowdstrike collects the logs from the AWS S3 bucket.

 

https://docs.netskope.com/en/stream-logs-to-crowdstrike#migration-steps-to-aws-s3-data-connector-for-transaction-logs

And below is the announcement link.

 

https://docs.netskope.com/en/netskope-product-eol-announcements

 

Setup looks to be a bit complicated.

I spoke to one of the guys at Crowdstrike and he provided me the same links.

In short, no straightforward integration can be done as before.

API will be discontinued on 31 December 2025.


notskope
  • New Member III
  • Answer
  • December 19, 2025

Only API V1 and transaction log API endpoints are being removed.

 

Crowdstrike supports the API V2 endpoints. You only need to figure out an AWS/GCP/Azure bucket storage for transaction logs if you are licensed for that.