The SkopeIT query bar is powerful tool to show filtered data. Sometimes it is a bit challenging to find the name of a field to be used in a query. E.g. we recently introduced a new SkopeIT field called "Netskope Pop". This field tells you, where the traffic was enforced. The get field name for a query just mouse over the field in the detailed event view (see screenshot). Then you can use it in a query like this: "netskope_pop like FRA1".
Page 1 / 1
Good Info Jürgen! I'd like to add, that DC names have the country code prepended: DE-FRA1, CH-ZRH1, FR-PAR1 etc. One can therefore also filter on countries. And the DC codes have just been added to the KB: https://support.netskope.com/hc/en-us/articles/360035977513-NewEdge-Point-of-Presence-Data-Plane-and-Management-Plane-Global-Edge-Expansion-Status-and-IP-Ranges
A good starting point is the article on SkopeIT query language. From there, one may continue to examples, etc.
Reply
Login to the community
If you haven't already registered, now is a good time to do so. After you register, you can post to the community, receive email notifications, and lots more. It's quick and it's free! Create an account
Login with SSO
Employee Partneror
Enter your E-mail address. We'll send you an e-mail with instructions to reset your password.