UEBA for Google Cloud Platform
UEBA for Google Cloud Platform
Note
This is a beta feature. Contact your Netskope sales representative to enable it on your tenant.
Netskope Public Cloud Security enables you to configure your Google Cloud Platform (GCP) organization/project with Google Cloud Logging for behavior analytics. The following workflow diagram provides a visual representation of the steps required to configure your GCP organization/project for UEBA.
The setup broadly comprises of:
- Create a custom role named
Netskope_UEBA_Role
with permissions required by Netskope for validating the instance creation. - Create a service account with the role created in step 1.
- Create and download the JSON private key. This key will be used during the GCP instance setup on the Netskope UI.
- Create aggregated log sink with Netskope hosted pub/sub as destination. The format followed by Netskope for the pub/sub topic will be
projects/ns-iaas-ueba-prod/topics/ns_ueba4gcp_<tenant-ui-hostname>
. - Note down the service account of the log sink which will be used during the GCP instance setup on the Netskope UI.
- Create a GCP instance on the Netskope UI.
To view detailed steps, see: Configure Google Cloud Platform for Cloud Logging.