Huge News!Announcing our $40M Series B led by Abstract Ventures.Learn More
Socket
Sign inDemoInstall
Socket
Sign inDemoInstall

sumologic-netskope-collector

Package Overview
Dependencies
Maintainers
2
Alerts
File Explorer

Advanced tools

License
Socket logo

Install Socket

Detect and block malicious and high-risk dependencies

Install

sumologic-netskope-collector

Sumo Logic collection solution for netskope

  • 1.0.10
  • PyPI
  • Socket score
Maintainers
2

sumologic-netskope-collector

Solution to pull data from Netskope to Sumo Logic

Installation

  1. Getting a token from Netskope portal

    • Login to Netskope as the Tenant Admin. Netskope REST APIs use an auth token to make authorized calls to the API. The token can be obtained from the UI by following the below steps
    • Go to the API portion of the Netskope UI ( Settings > Tools > Rest API)
    • Copy the existing token to your clipboard Alternatively, you can generate a new token and copy that

  2. Add a Hosted Collector and HTTP Source

    • To create a new Sumo Logic Hosted Collector, perform the steps in Configure a Hosted Collector.
    • Add an HTTP Logs and Metrics Source. Under Advanced you'll see options regarding timestamps and time zones and when you select Timestamp parsing specify the custom time stamp format as shown below: Format: epoch Timestamp locator: \"timestamp\": (.*),

  3. Configuring the sumologic-netskope collector Below instructions assume pip is already installed if not then, see the pip docs on how to download and install pip.

    sumologic-netskope-collector is compatible with python 3.7 and python 2.7. It has been tested on ubuntu 18.04 LTS and Debian 4.9.130. Login to a Linux machine and download and follow the below steps:

    • Install the collector using below command pip install sumologic-netskope-collector

    • Create a configuration file netskope.yaml in home directory using the sample.yaml file(in sumologic-netskope folder). Add the SUMO_ENDPOINT and TOKEN parameters obtained from step 1 and step 2 and replacing the "netskope domain" variable with your Netskope portal domain.

      SumoLogic:
  SUMO_ENDPOINT: <SUMO LOGIC HTTP URL>


Netskope:
  TOKEN: <NETSKOPE API TOKEN>
  NETSKOPE_EVENT_ENDPOINT: <netskope domain>/api/v1/events
  NETSKOPE_ALERT_ENDPOINT: <netskope domain>/api/v1/alerts

    • Create a cron job for running the collector every 5 minutes by using the crontab -e and adding the below line */5 * * * * /usr/bin/python -m sumonetskopecollector.netskope > /dev/null 2>&1

Keywords

FAQs

Did you know?

Socket

Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.

Install

Related posts

Malicious npm Packages Inject SSH Backdoors via Typosquatted Libraries

Research

Security News

Malicious npm Packages Inject SSH Backdoors via Typosquatted Libraries

Socket’s threat research team has detected six malicious npm packages typosquatting popular libraries to insert SSH backdoors.

By Kirill Boychenko  -  Nov 22, 2024
SocketSocket SOC 2 Logo

Product

  • Package Alerts
  • Integrations
  • Docs
  • Pricing
  • FAQ
  • Roadmap
  • Changelog

About

Packages

npm

Go

Maven

PyPI

Rubygems

Stay in touch

Get open source security insights delivered straight into your inbox.

  • Terms
  • Privacy
  • Security

Made with ⚡️ by Socket Inc