Merged
16 changes: 8 additions & 8 deletions packages/netskope/_dev/build/docs/README.md
@@ -1,7 +1,6 @@
# Netskope

This integration is for Netskope. It can be used
to receive logs sent by Netskope Cloud Log Shipper on respective TCP ports.
This integration is for Netskope. It can be used to receive logs sent by [Netskope Cloud Log Shipper](https://docs.netskope.com/en/cloud-exchange-feature-lists.html#UUID-e7c43f4b-8aad-679e-eea0-59ce19f16e29_section-idm4547044691454432680066508785) on respective TCP ports.

The log message is expected to be in JSON format. The data is mapped to
ECS fields where applicable and the remaining fields are written under
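Review bot: The link added to the intro sentence targets `cloud-exchange-feature-lists.html` with a fragment that begins `#UUID-e7c43f4b` and ends in a long `section-idm` number, which looks auto-generated and is likely to stop resolving when the vendor page is rebuilt. Suggest linking to the page without the fragment, or to a stable page such as the `log-shipper.html` URL that step 2 used before this change, so the README does not end up with a dead deep link.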
Expand All @@ -10,33 +9,34 @@ ECS fields where applicable and the remaining fields are written under
## Setup steps

1. Configure this integration with the TCP input in Kibana.
2. For all Netskope Cloud Exchange configurations refer to the [_Log Shipper_](https://docs.netskope.com/en/log-shipper.html).
2. For all Netskope Cloud Exchange configurations refer to the [Log Shipper](https://docs.netskope.com/en/cloud-exchange-feature-lists.html#UUID-e7c43f4b-8aad-679e-eea0-59ce19f16e29_section-idm4547044691454432680066508785).
3. In Netskope Cloud Exchange please enable Log Shipper, add your Netskope Tenant.
4. Configure input connectors:
1. First with all Event types, and
2. Second with all Alerts type.
For detailed steps refer [_Configure the Netskope Plugin for Log Shipper_](https://docs.netskope.com/en/configure-the-netskope-plugin-for-log-shipper.html).
For detailed steps refer to [Configure the Netskope Plugin for Log Shipper](https://docs.netskope.com/en/configure-the-netskope-plugin-for-log-shipper.html).
5. Creating mappings:
1. Navigate to Settings -> Log Shipper -> Mapping.
2. Click on Add mapping and paste mappings of Alerts mentioned below in Netskope Elastic Integration's Overview Page.
3. Click on Add mapping and paste mappings of Events mentioned below in Netskope Elastic Integration's Overview Page.
6. Configure output connectors:
1. Navigate to Settings -> Plugins.
2. Adding output connector **Elastic CLS**, select mapping created for Alerts and click **Next**, then paste the Events-validation in the **Valid Extensions** section for Alerts mentioned below in Netskope Elastic Integration's Overview Page.
For detailed steps refer [_Elastic Plugin for Log Shipper_](https://docs.netskope.com/en/elastic-plugin-for-log-shipper.html).
For detailed steps refer to [Elastic Plugin for Log Shipper](https://docs.netskope.com/en/elastic-plugin-for-log-shipper.html).
7. Create business rules:
1. Navigate to Home Page > Log Shipper > Business rules.
2. Create business rules with Netskope Alerts.
3. Create business rules with Netskope Events.
For detailed steps refer [_Manage Log Shipper Business Rules_](https://docs.netskope.com/en/manage-log-shipper-business-rules.html).
For detailed steps refer to [Manage Log Shipper Business Rules](https://docs.netskope.com/en/manage-log-shipper-business-rules.html).
8. Adding SIEM mappings:
1. Navigate to Home Page > Log Shipper > SIEM Mappings
2. Add SIEM mapping for events:
* Add **Rule** put rule created in step 7.
* Add **Source Configuration** put input created for Events in step 4.
* Add **Destination Configuration**, put output created for Events in step 6.
For detailed steps refer [_Configure Log Shipper SIEM Mappings_](https://docs.netskope.com/en/configure-log-shipper-siem-mappings.html).
9. *Please make sure to use the given response formats.*

> Note: For detailed steps refer to [Configure Log Shipper SIEM Mappings](https://docs.netskope.com/en/configure-log-shipper-siem-mappings.html).
Please make sure to use the given response formats.

## Compatibility

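Review bot: At the end of step 8, the new `> Note:` line is followed by `Please make sure to use the given response formats.` with no `>` marker and no blank line between them, so Markdown treats it as a lazy continuation and renders both sentences as a single paragraph inside the blockquote. That instruction was its own step 9 before this change, and the SIEM mappings reference is now detached from step 8 while steps 4, 6 and 7 keep their "For detailed steps refer to" line inline. Suggest keeping the reference indented under step 8 like the others and leaving the response-format reminder as a separate step or a separate paragraph.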
10 changes: 10 additions & 0 deletions packages/netskope/changelog.yml
@@ -1,9 +1,19 @@
# newer versions go on top
- version: "1.0.1"
changes:
- description: Added linnk to vendor documentation
type: enhancement
link: https://github.com/elastic/integrations/pull/3220
- version: "1.0.0"
changes:
- description: Make GA
type: enhancement
link: https://github.com/elastic/integrations/pull/3428
- version: "0.1.3"
changes:
- description: removed Italic text in hyperlinks in readme
type: enhancement
link: https://github.com/elastic/integrations/pull/3110
- version: "0.1.2"
changes:
- description: Fix boolean conversion logic to accept "true", "false", "yes", and "no" as strings. Correct the type of `is_alert` and `is_web_universal_connector` to boolean.
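Review bot: Typo in the new 1.0.1 entry: `description: Added linnk to vendor documentation` should read "link". The same entry points at pull/3220 while the older 1.0.0 entry below it points at pull/3428, so please confirm that 3220 is the pull request for this change and not a leftover from an earlier draft.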
16 changes: 8 additions & 8 deletions packages/netskope/docs/README.md
@@ -1,7 +1,6 @@
# Netskope

This integration is for Netskope. It can be used
to receive logs sent by Netskope Cloud Log Shipper on respective TCP ports.
This integration is for Netskope. It can be used to receive logs sent by [Netskope Cloud Log Shipper](https://docs.netskope.com/en/cloud-exchange-feature-lists.html#UUID-e7c43f4b-8aad-679e-eea0-59ce19f16e29_section-idm4547044691454432680066508785) on respective TCP ports.

The log message is expected to be in JSON format. The data is mapped to
ECS fields where applicable and the remaining fields are written under
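Review bot: The edit to the intro sentence here is line for line the same as the one in `packages/netskope/_dev/build/docs/README.md`, so the two copies will drift unless one is produced from the other. If `docs/README.md` is build output of the `_dev/build` template, regenerate it instead of editing it by hand, and make any follow-up fix to the link in the template first.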
Expand All @@ -10,33 +9,34 @@ ECS fields where applicable and the remaining fields are written under
## Setup steps

1. Configure this integration with the TCP input in Kibana.
2. For all Netskope Cloud Exchange configurations refer to the [_Log Shipper_](https://docs.netskope.com/en/log-shipper.html).
2. For all Netskope Cloud Exchange configurations refer to the [Log Shipper](https://docs.netskope.com/en/cloud-exchange-feature-lists.html#UUID-e7c43f4b-8aad-679e-eea0-59ce19f16e29_section-idm4547044691454432680066508785).
3. In Netskope Cloud Exchange please enable Log Shipper, add your Netskope Tenant.
4. Configure input connectors:
1. First with all Event types, and
2. Second with all Alerts type.
For detailed steps refer [_Configure the Netskope Plugin for Log Shipper_](https://docs.netskope.com/en/configure-the-netskope-plugin-for-log-shipper.html).
For detailed steps refer to [Configure the Netskope Plugin for Log Shipper](https://docs.netskope.com/en/configure-the-netskope-plugin-for-log-shipper.html).
5. Creating mappings:
1. Navigate to Settings -> Log Shipper -> Mapping.
2. Click on Add mapping and paste mappings of Alerts mentioned below in Netskope Elastic Integration's Overview Page.
3. Click on Add mapping and paste mappings of Events mentioned below in Netskope Elastic Integration's Overview Page.
6. Configure output connectors:
1. Navigate to Settings -> Plugins.
2. Adding output connector **Elastic CLS**, select mapping created for Alerts and click **Next**, then paste the Events-validation in the **Valid Extensions** section for Alerts mentioned below in Netskope Elastic Integration's Overview Page.
For detailed steps refer [_Elastic Plugin for Log Shipper_](https://docs.netskope.com/en/elastic-plugin-for-log-shipper.html).
For detailed steps refer to [Elastic Plugin for Log Shipper](https://docs.netskope.com/en/elastic-plugin-for-log-shipper.html).
7. Create business rules:
1. Navigate to Home Page > Log Shipper > Business rules.
2. Create business rules with Netskope Alerts.
3. Create business rules with Netskope Events.
For detailed steps refer [_Manage Log Shipper Business Rules_](https://docs.netskope.com/en/manage-log-shipper-business-rules.html).
For detailed steps refer to [Manage Log Shipper Business Rules](https://docs.netskope.com/en/manage-log-shipper-business-rules.html).
8. Adding SIEM mappings:
1. Navigate to Home Page > Log Shipper > SIEM Mappings
2. Add SIEM mapping for events:
* Add **Rule** put rule created in step 7.
* Add **Source Configuration** put input created for Events in step 4.
* Add **Destination Configuration**, put output created for Events in step 6.
For detailed steps refer [_Configure Log Shipper SIEM Mappings_](https://docs.netskope.com/en/configure-log-shipper-siem-mappings.html).
9. *Please make sure to use the given response formats.*

> Note: For detailed steps refer to [Configure Log Shipper SIEM Mappings](https://docs.netskope.com/en/configure-log-shipper-siem-mappings.html).
Please make sure to use the given response formats.

## Compatibility

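Review bot: Step 2 now points at the same `cloud-exchange-feature-lists.html` anchor as the intro sentence, replacing `https://docs.netskope.com/en/log-shipper.html`, so the dedicated Log Shipper page is no longer linked anywhere in the setup steps. The step text says "For all Netskope Cloud Exchange configurations", and a feature list section may not cover configuration. If the old page still exists, keep it as the step 2 target; if it was retired, say so in the PR description so the reason for the change is recorded.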
2 changes: 1 addition & 1 deletion packages/netskope/manifest.yml
@@ -1,7 +1,7 @@
format_version: 1.0.0
name: netskope
title: "Netskope"
version: 1.0.0
version: 1.0.1
license: basic
description: Collect logs from Netskope with Elastic Agent.
type: integration