Next Generation API Data Protection Skope IT Events
Next Generation API Data Protection Skope IT Events
Once you have successfully integrated the SaaS app instance with Netskope, you should start receiving audit events on Skope IT.
To view audit events, navigate to Skope IT > EVENTS > Application Events. You can filter the events by application name, access method – API Connector or CASB API. Here is a sample audit events page:
Application Events Page
To view standard user behavior analytic alerts, navigate to Skope IT > EVENTS > Alerts, filter alert type by UBA. Here is a sample alerts page:
Alerts Page
It is important to note that the Alert Type value (under Skope IT > EVENTS & ALERTS > Alerts) for quarantine action in Next Generation API Data Protection is different than in Classic API Data Protection. If you have any forward integration like log ingestor, etc where these values are ingested, you should update these values. Refer the table below:
Product | Alert Type | Action |
---|---|---|
Classic API Data Protection | quarantine | quarantine |
Next Generation API Data Protection | policy | quarantine |
Examples:
-
Classic API Data Protection
-
Next Generation API Data Protection
It is important to note that the Alert Type value (under Skope IT > EVENTS & ALERTS > Alerts) for legal hold action in Next Generation API Data Protection is different than in Classic API Data Protection. If you have any forward integration like log ingestor, etc where these values are ingested, you should update these values. Refer the table below:
Product | Alert Type | Action |
---|---|---|
Classic API Data Protection | Legal Hold | Copy |
Next Generation API Data Protection | policy | Legal Hold |
Examples:
-
Classic API Data Protection
-
Next Generation API Data Protection