Forensics for Azure Blob Storage
Forensics for Azure Blob Storage
You can configure an Azure Blob Storage to store forensic-related objects.
Note
- Netskope supports forensic destination on Azure Blob Storage accounts only. For additional information on storage account types, refer to the Azure documentation located here.
- Azure forensics is not supported if the Azure account is a government account.
The following workflow diagram provides a visual representation of the steps required to configure your Azure Blob Storage as a forensic destination.
The setup process requires you to use Azure built-in roles or create custom roles and assign the necessary permissions to Netskope. These permissions are required to perform tasks to store forensic-related logs in Blob storage. You can review the permissions in Step 2/3: Assign Azure permissions to store forensic objects.
You can use custom roles to limit Netskope’s permissions by assigning the role to a storage account instead of the subscription.
To learn more about limiting the scope of the role: Limit permissions for Forensics to Azure Storage Account section.
To learn more: Enabling Forensics for Azure Blob Storage.
