Skip to main content

Netskope Help

Configure Log Shipper SIEM Mappings

Admins can configure SIEM mappings to ingest the events and alerts from a Netskope tenant into their SIEM platform. Admin should configure Netskope and SIEM destination plugin, and also configure a business rule if they plan to ingest only selective alerts and events.

  1. Go to Log Shipper > SIEM Mappings.

  2. Click Add SIEM Mapping.

  3. Select a Source Configuration, Business Rule, and a Destination Configuration.

  4. Click Save.

Now all the incoming alerts and events should be ingested into your destination configuration.