Netskope Help

Forensics for Azure Blob Storage

You can configure an Azure Blob Storage to store forensic-related objects.

Note

  • Netskope supports forensic destination on Azure Blob Storage accounts only. For additional information on storage account types, refer to the Azure documentation located here.

  • Azure forensics is not supported if the Azure account is a government account.

The following workflow diagram provides a visual representation of the steps required to configure your Azure Blob Storage as a forensic destination.

forensics-for-azure.png

The setup process requires you to use Azure built-in roles or create custom roles and assign the necessary permissions to Netskope. These permissions are required to perform tasks to store forensic-related logs in Blob storage. You can review the permissions in Step 2/3: Assign Azure permissions to store forensic objects.

You can use custom roles to limit Netskope's permissions by assigning the role to a storage account instead of the subscription.

To learn more about limiting the scope of the role: Limit permissions for Forensics to Azure Storage Account section.

To learn more: Enabling Forensics for Azure Blob Storage.