Netskope Help

Validate the Plugins

In order to validate the workflow, you must have Netskope Alerts and/or Carbon Black Cloud Events. These will be queried based on the polling interval previously configured in the plugins.

  1. Go to Threat Exchange and select Threat IoCs. You should see records from your Carbon Black plugin.

  2. In your Netskope tenant, go to Policies > File, select your custom File Profile, and click File Hash.

  3. In the Carbon Black Console, go to Enforce > WatchLists > Your Custom Watchlist and then click on Reports.

  4. If data is not being brokered between the platforms, you can look at the audit logs in Cloud Exchange. In Cloud Exchange, go to Logging and look through the logs for errors.