Step 1/2: Configure AWS Accounts & Services for Forensic
On the Accounts & Services screen provide your AWS account number, account name, and admin email address. Then enable the services you want to run on the AWS accounts.
- Log in to your Netskope tenant and navigate to Settings > Configure App Access > Classic > IaaS, select AWS, and click Setup.
- Enter the AWS account number, account name, and admin email address in the text box. You can upload a CSV file with the account information, or enter the account information using the following format:
345689713654,production,timms@netskope.com
Account name is required to help you easily identify each account in the Netskope tenant. Email address is optional. For information on how to create a CSV file, see Creating a CSV file.
- In the Services section, select Forensic.
This feature provides insight into user activity and alerts you when a DLP violation is found. The forensics data is stored in a forensics folder of the S3 bucket defined in the Forensic Profile. You can view your forensics profiles under Settings > Forensics.
You can view the forensic alerts under Incidents > DLP.
DLP Forensics is a licensed feature. Contact Support to obtain the license that enables this feature in your tenant UI.
To learn more about configuring a forensic profile, see Forensic Profile.
After providing the account information and selecting the services, proceed to Step 2/2: Configure AWS Permissions for Forensic.
Creating a CSV File
An effortless way to add multiple AWS accounts in the setup screen is to create a CSV file with the account numbers, account names, and email addresses.
You can use Microsoft Excel or Google Sheets to create a CSV file. To get the list of AWS account numbers, account names, and email addresses using the AWS CLI, run the following command:
aws --output=text organizations list-accounts | awk -F'\t' '{printf("%s,%s,%s\n",$4,$7,$3)}'
The output of this command can then be copied to a spreadsheet in Microsoft Excel or Google Sheets and saved as a comma-separated CSV file, as shown in the screenshot.
This CSV file can then be uploaded to the setup screen.
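Before uploading, the rows can be checked against the number,name,email format described above. The script below is an added example, not Netskope code; the function names, the validation rules (12-digit account number, no repeated account number) and the sample rows are assumptions constructed for illustration.

```shell
#!/usr/bin/env bash
# Added example, not Netskope code: check account rows before upload.

# Same field mapping as the command above: $4=number, $7=name, $3=email.
to_csv() {
  awk -F'\t' '{ printf("%s,%s,%s\n", $4, $7, $3) }'
}

# Print "OK <row>" or "REJECT <reason>: <row>" for each CSV row on stdin.
# Assumed rules: 3 fields, 12-digit account number, non-empty name,
# optional email, no repeated account number.
check_csv() {
  awk -F',' '
    NF != 3 { print "REJECT field-count: " $0; next }
    length($1) != 12 || $1 !~ /^[0-9]+$/ { print "REJECT account-number: " $0; next }
    $2 == "" { print "REJECT missing-name: " $0; next }
    $3 != "" && $3 !~ /^[^@ ]+@[^@ ]+\.[^@ ]+$/ { print "REJECT email: " $0; next }
    seen[$1]++ { print "REJECT duplicate: " $0; next }
    { print "OK " $0 }
  '
}

# Constructed tab-separated rows; the column layout is assumed from the
# field numbers used in the command above. Arguments: email, number, name.
row() {
  printf 'ACCOUNTS\tarn:placeholder\t%s\t%s\tCREATED\t2020-01-01T00:00:00Z\t%s\tACTIVE\n' "$1" "$2" "$3"
}
sample_tsv() {
  row 'ops@example.com' 111111111111 'production'
  row 'dev@example.com' 222222222222 'dev, sandbox'    # comma in name splits the row
  row ''                333333333333 'staging'         # email is optional
  row 'ops@example.com' 111111111111 'production-copy' # repeated account number
}

sample_tsv | to_csv | check_csv
```

An account name that contains a comma is reported as a field-count error because the unquoted comma shifts the email into a fourth column; rename the account or fix the row by hand before upload.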