Netskope Help

Validate the CrowdStrike Plugin

In order to validate the workflow, you must have Netskope Alerts and/or CrowdStrike Detections. These will be queried based on the polling interval previously configured in the plugins.

  1. Go to Threat Exchange and select Threat IoCs.

    You should see records from your CrowdStrike plugin. You can filter based on Source values to check both the Netskope and CrowdStrike plugins.

    image38.jpeg
  2. In your Netskope UI, go to Policies > File, select your custom File Profile, and click File Hash.

    image39.jpeg
  3. If data is not being brokered between the platforms, you can look at the audit logs in Cloud Exchange. In Cloud Exchange, go to Logging and look through the logs for errors.

    image40.jpeg