Metadata Collection

Metadata Collection

The Netskope One DSPM application collects necessary metadata to ensure you have complete visibility into your full data lifecycle, to automate and optimize security and governance.

  • Schema information
  • Classification results
  • User roles and access policies
  • Query logs 1

Samples used for classification remain within your network and are never shared with the Netskope One DSPM application. Application data is encrypted both at rest and in motion. Netskope One DSPM does not store any sensitive customer data in its database. Only metadata required for the application’s logical interface is stored (e.g., classification results and tags, application configuration, policies, and alerts).

Metadata Examples

Schema Information

{
    "tableName": "users",
    "path": "dev.public",
    "rowCount": 25343
},
{
    "tableName": "sales",
    "path": "dev.public",
    "rowCount": 152343
}
...

Classification Results

{
    "fieldName": "id",
    "path": "dev.public.users",
    "sqlType": "integer",
    "classification": "Not Sensitive"
},
{
    "fieldName": "first_name",
    "path": "dev.public.users",
    "sqlType": "varchar",
    "classification": "Name"
},
{
    "fieldName": "addr_1",
    "path": "dev.public.users",
    "sqlType": "varchar",
    "classification": "Address"
}
...

User Roles and Access Policies

{
    "username": "lbradshaw",
    "roles": ["all_users", "citadel_role"],
    "readAccess": ["dev.public", "dev.citadel"]
},
{
    "username": "htsang",
    "roles": ["eng"],
    "readAccess": ["dev.public.eng_table"]
},
{
    "username": "amodine",
    "roles": ["sys:operator", "sys:dba"],
    "readAccess": ["dev.public", "dev.citadel"],
    "writeAccess": ["dev.public", "dev.citadel"]
}
...

Query Logs

{
    "query": "SELECT * FROM users",
    "timestamp": "06-28-2023 14:31:50",
    "rowsReturned": 25343,
    "username": "lbradshaw"
},
{
    "query": "SELECT COUNT(*) FROM sales where id = 5",
    "timestamp": "06-26-2023 12:31:40",
    "rowsReturned": 1,
    "username": "amodine"
}
...

1 Query logs are collected only if Data Un Use Monitoring is enabled for the data store.

Share this Doc

Metadata Collection

Or copy link

In this topic ...