Ask the community

Reporting on unsanctioned app usage

Curious
New Contributor II

Hi Everyone,

Am attempting to create a report of all unsanctioned application usage where corporate email addresses have been used, is this possible with standard reporting?

Thank you

1 Solution
sshiflett
Netskope
Netskope

@Curious

Yes this should be possible with classic reporting but Advanced Analytics would provide more insight.  You can create a widget that has a query like:

activity like Login and app-cci-app-tag eq 'Unsanctioned' and from_user like corpdomain.com

The widget can then be configured to break down by user, app, and other fields:

sshiflett_2-1689797504211.png

 


This gives you insight into the corporate username and the from user that they leveraged.  My example is sparse as my tenant just has traffic from me and my test accounts but here's a sample:

sshiflett_3-1689797522017.png

 

 






 


Sam Shiflett
Netskope Solution Architect - North America

View solution in original post

2 Replies 2
sshiflett
Netskope
Netskope

@Curious

Yes this should be possible with classic reporting but Advanced Analytics would provide more insight.  You can create a widget that has a query like:

activity like Login and app-cci-app-tag eq 'Unsanctioned' and from_user like corpdomain.com

The widget can then be configured to break down by user, app, and other fields:

sshiflett_2-1689797504211.png

 


This gives you insight into the corporate username and the from user that they leveraged.  My example is sparse as my tenant just has traffic from me and my test accounts but here's a sample:

sshiflett_3-1689797522017.png

 

 






 


Sam Shiflett
Netskope Solution Architect - North America
Curious
New Contributor II

Thanks @sshiflett, love your work!

Subscribe

In order to view this content, you will need to sign in to your account. Simply click the "Sign In" button below

Sign In