Netskope Community
07-14-2023 04:26 AM
Hi Everyone,
Am attempting to create a report of all unsanctioned application usage where corporate email addresses have been used, is this possible with standard reporting?
Thank you
Solved! Go to Solution.
07-19-2023 01:12 PM
@Curious,
Yes this should be possible with classic reporting but Advanced Analytics would provide more insight. You can create a widget that has a query like:
activity like Login and app-cci-app-tag eq 'Unsanctioned' and from_user like corpdomain.com
The widget can then be configured to break down by user, app, and other fields:
This gives you insight into the corporate username and the from user that they leveraged. My example is sparse as my tenant just has traffic from me and my test accounts but here's a sample:
07-19-2023 01:12 PM
@Curious,
Yes this should be possible with classic reporting but Advanced Analytics would provide more insight. You can create a widget that has a query like:
activity like Login and app-cci-app-tag eq 'Unsanctioned' and from_user like corpdomain.com
The widget can then be configured to break down by user, app, and other fields:
This gives you insight into the corporate username and the from user that they leveraged. My example is sparse as my tenant just has traffic from me and my test accounts but here's a sample:
07-24-2023 01:40 AM
Thanks @sshiflett, love your work!
In order to view this content, you will need to sign in to your account. Simply click the "Sign In" button below
Sign In