Netskope provides smart cloud security which controls activities across any cloud service or website and provides 360-degree data and threat protection that works everywhere. This connector facilitates automated operations like get alerts list, get events list, and urls related operations.
This document provides information about the Netskope connector, which facilitates automated interactions, with a Netskope server using FortiSOAR™ playbooks. Add the Netskope connector as a step in FortiSOAR™ playbooks and perform automated operations with Netskope.
Connector Version: 2.0.0
Authored By: Fortinet
Certified: No
Following enhancements have been made to the Netskope connector in version 2.0.0:
Use the Content Hub to install the connector. For the detailed procedure to install a connector, click here.
You can also use the yum command as a root user to install the connector:
yum install cyops-connector-netskope
For the procedure to configure a connector, click here
In FortiSOAR™, on the Connectors page, click the Netskope connector row (if you are in the Grid view on the Connectors page) and in the Configurations tab enter the required configuration details:
| Parameter | Description |
|---|---|
| Server URL | Specify the server URL to connect and perform the automated operations. |
| API Token | Specify the API token to connect and perform the automated operations. |
| Verify SSL | Specifies whether the SSL certificate for the server is to be verified. By default, this option is selected, i.e., set to true. |
You can use the following automated operations in playbooks and also use the annotations to access operations:
| Function | Description | Annotation and Category |
|---|---|---|
| Get Alerts List | Retrieves a detailed list of alerts based on the query, alert type, and other filter criteria that you have specified. | get_alerts_list Investigation |
| Get Events List | Retrieves a detailed list of events based on the query, event type, and other filter criteria that you have specified. | get_events_list Investigation |
| Create URL List | Creates an URL blocked-list in Netskope based on the list name, list type, and the URLs that you have specified. | create_url_list Investigation |
| Get All URL List | Retrieves a detailed list of URL blocked-list based on the pending and comma-separated field parameters that you have specified. | get_url_list Investigation |
| Get URL List Details | Retrieves a detailed for specific URL blocked-list based on the URL list ID that you have specified. | get_url_list_details Investigation |
| Add URL List | Appends a URL blocked-list in Netskope based on the URL list ID, list type, and URLs that you have specified. | add_url_list Investigation |
| Update URL List | Updates a URL blocked-list in Netskope based on the URL list ID, list type, and URLs that you have specified. | update_url_list Investigation |
| Delete URL List | Deletes a specific URL blocked-list from Netskope based on the URL list ID you have specified. | delete_url_list Investigation |
| Get Client List | Retrieves a detailed list of SCIM users based on the filter query and other pagination parameters that you have specified. | get_client_list Investigation |
| Execute an API Request | Sends an API request to any API endpoint based on specified HTTP method, endpoint, and other input parameters that you have specified, enabling flexible API interactions tailored to user needs. | send_custom_request Investigation |
| Parameter | Description |
|---|---|
| Query | (Optional) Specify a query to filter the records retrieved from Netskope. |
| Alert Type | (Optional) Select the alert type to filter the records retrieved from Netskope. You can choose from the following options:
|
| Acknowledged Alerts | (Optional) Select this option to retrieve acknowledged alerts from Netskope. |
| Start DateTime | (Optional) Select the start date and time for the duration to filter the records from Netskope, retrieving those greater than or equal to the specified time.
NOTE: Do not use this parameter in combination with Insertion Start DateTime and Insertion End DateTime. |
| End DateTime | (Optional) Select the end date and time for the duration to filter the records from Netskope, retrieving those less than or equal to the specified time.
NOTE: Do not use this parameter in combination with Insertion Start DateTime and Insertion End DateTime. |
| Insertion Start DateTime | (Optional) Select the insertion start date and time for the duration to filter the records from Netskope, retrieving those greater than or equal to the specified time.
NOTE: Do not use this parameter in combination with Start DateTime and End DateTime. |
| Insertion End DateTime | (Optional) Select the insertion end date and time for the duration to filter the records from Netskope, retrieving those less than or equal to the specified time.
NOTE: Do not use this parameter in combination with Start DateTime and End DateTime. |
| Limit | (Optional) Specify the maximum number of records to return in response.
NOTE: API responses can include up to |
| Offset | (Optional) Specify the number of records to skip when retrieving records from Netskope. Default value is 0. |
The output contains a non-dictionary value.
| Parameter | Description |
|---|---|
| Event Type | Select the event type to filter the records retrieved from Netskope. You can choose from the following:
|
| Query | (Optional) Specify a query to filter the records retrieved from Netskope. |
| Start DateTime | (Optional) Select the start date and time for the duration to filter the records from Netskope, retrieving those greater than or equal to the specified time.
NOTE: Do not use this parameter in combination with Insertion Start DateTime and Insertion End DateTime. |
| End DateTime | (Optional) Select the end date and time for the duration to filter the records from Netskope, retrieving those less than or equal to the specified time.
NOTE: Do not use this parameter in combination with Insertion Start DateTime and Insertion End DateTime. |
| Insertion Start DateTime | (Optional) Select the insertion start date and time for the duration to filter the records from Netskope, retrieving those greater than or equal to the specified time.
NOTE: Do not use this parameter in combination with Start DateTime and End DateTime. |
| Insertion End DateTime | (Optional) Select the insertion end date and time for the duration to filter the records from Netskope, retrieving those less than or equal to the specified time.
NOTE: Do not use this parameter in combination with Start DateTime and End DateTime. |
| Limit | (Optional) Specify the maximum number of records to return in response.
NOTE: API responses can include up to |
| Offset | (Optional) Specify the number of records to skip when retrieving records from Netskope. Default value is 0. |
The output contains a non-dictionary value.
| Parameter | Description |
|---|---|
| URL List Name | Specify the name of the list to create the URL blocked-list in Netskope. |
| URL List Type | Specify the format for entering URLs in the URLs parameter. Possible values are exact and regex. |
| URLs | Specify a comma-separated list of URLs — if the URL List Type is exact — and specify a comma-separated list of regex — if the URL List Type is regex — to create the URL blocked-list in Netskope. |
The output contains a non-dictionary value.
| Parameter | Description |
|---|---|
| Pending | (Optional) Specify to filter and retrieve URL blocked-lists from Netskope based on their processing status.
|
| Field | (Optional) Specify comma-separated list of fields to filter and retrieve URL blocked-lists from Netskope. |
The output contains a non-dictionary value.
| Parameter | Description |
|---|---|
| URL List ID | Specify the ID of the URL blocked-list whose details you want to retrieve details from Netskope. |
The output contains a non-dictionary value.
| Parameter | Description |
|---|---|
| URL List ID | Specify the ID of the URL blocked-list in which to append the URLs for blocking in Netskope. |
| URL List Type | Specify the format for entering URLs in the URLs parameter. Possible values are exact and regex. |
| URLs | Specify a comma-separated list of URLs — if the URL List Type is exact — and specify a comma-separated list of regex — if the URL List Type is regex — to append the URLs to this URL list in Netskope. |
The output contains a non-dictionary value.
| Parameter | Description |
|---|---|
| URL List ID | Specify the ID of the URL blocked-list in which to update the URLs for blocking in Netskope. |
| URL List Name | (Optional) Specify the name of the list to update in Netskope. |
| URL List Type | (Optional) Specify the format for entering URLs in the URLs parameter. Possible values are exact and regex. |
| URLs | Specify a comma-separated list of URLs — if the URL List Type is exact — and specify a comma-separated list of regex — if the URL List Type is regex — with which to replace the existing URL list in Netskope. |
The output contains a non-dictionary value.
| Parameter | Description |
|---|---|
| URL List ID | Specify the ID of the URL list which to delete from Netskope. |
The output contains a non-dictionary value.
| Parameter | Description |
|---|---|
| Filter | (Optional) Specify the query to filter retrieved data from Netskope. |
| Limit | (Optional) Specify the maximum number of records to return in response. Default value is 50. |
| Offset | (Optional) Specify the number of records to skip when retrieving records from Netskope. Default value is 0. |
The output contains a non-dictionary value.
| Parameter | Description |
|---|---|
| HTTP Method | Select an HTTP action for the request. You can select from the following options:
|
| Endpoint | Specify the target API URL path for the request. For example, if the website is https://example.com and URL path is https://example.com/api/v2/incidents/search, the endpoint would be /api/v2/incidents/search. |
| Query Parameters | (Optional) Specify any optional parameters to add to the URL and refine the request. |
| Request Payload | (Optional) Specify data, as JSON, to be sent as the request payload (typically for POST or PUT requests). |
The output contains a non-dictionary value.
The Sample - Netskope - 2.0.0 playbook collection comes bundled with the Netskope connector. These playbooks contain steps using which you can perform all supported actions. You can see bundled playbooks in the Automation > Playbooks section in FortiSOAR™ after importing the Netskope connector.
Note: If you are planning to use any of the sample playbooks in your environment, ensure that you clone those playbooks and move them to a different collection since the sample playbook collection gets deleted during connector upgrade and delete.
Netskope provides smart cloud security which controls activities across any cloud service or website and provides 360-degree data and threat protection that works everywhere. This connector facilitates automated operations like get alerts list, get events list, and urls related operations.
This document provides information about the Netskope connector, which facilitates automated interactions, with a Netskope server using FortiSOAR™ playbooks. Add the Netskope connector as a step in FortiSOAR™ playbooks and perform automated operations with Netskope.
Connector Version: 2.0.0
Authored By: Fortinet
Certified: No
Following enhancements have been made to the Netskope connector in version 2.0.0:
Use the Content Hub to install the connector. For the detailed procedure to install a connector, click here.
You can also use the yum command as a root user to install the connector:
yum install cyops-connector-netskope
For the procedure to configure a connector, click here
In FortiSOAR™, on the Connectors page, click the Netskope connector row (if you are in the Grid view on the Connectors page) and in the Configurations tab enter the required configuration details:
| Parameter | Description |
|---|---|
| Server URL | Specify the server URL to connect and perform the automated operations. |
| API Token | Specify the API token to connect and perform the automated operations. |
| Verify SSL | Specifies whether the SSL certificate for the server is to be verified. By default, this option is selected, i.e., set to true. |
You can use the following automated operations in playbooks and also use the annotations to access operations:
| Function | Description | Annotation and Category |
|---|---|---|
| Get Alerts List | Retrieves a detailed list of alerts based on the query, alert type, and other filter criteria that you have specified. | get_alerts_list Investigation |
| Get Events List | Retrieves a detailed list of events based on the query, event type, and other filter criteria that you have specified. | get_events_list Investigation |
| Create URL List | Creates an URL blocked-list in Netskope based on the list name, list type, and the URLs that you have specified. | create_url_list Investigation |
| Get All URL List | Retrieves a detailed list of URL blocked-list based on the pending and comma-separated field parameters that you have specified. | get_url_list Investigation |
| Get URL List Details | Retrieves a detailed for specific URL blocked-list based on the URL list ID that you have specified. | get_url_list_details Investigation |
| Add URL List | Appends a URL blocked-list in Netskope based on the URL list ID, list type, and URLs that you have specified. | add_url_list Investigation |
| Update URL List | Updates a URL blocked-list in Netskope based on the URL list ID, list type, and URLs that you have specified. | update_url_list Investigation |
| Delete URL List | Deletes a specific URL blocked-list from Netskope based on the URL list ID you have specified. | delete_url_list Investigation |
| Get Client List | Retrieves a detailed list of SCIM users based on the filter query and other pagination parameters that you have specified. | get_client_list Investigation |
| Execute an API Request | Sends an API request to any API endpoint based on specified HTTP method, endpoint, and other input parameters that you have specified, enabling flexible API interactions tailored to user needs. | send_custom_request Investigation |
| Parameter | Description |
|---|---|
| Query | (Optional) Specify a query to filter the records retrieved from Netskope. |
| Alert Type | (Optional) Select the alert type to filter the records retrieved from Netskope. You can choose from the following options:
|
| Acknowledged Alerts | (Optional) Select this option to retrieve acknowledged alerts from Netskope. |
| Start DateTime | (Optional) Select the start date and time for the duration to filter the records from Netskope, retrieving those greater than or equal to the specified time.
NOTE: Do not use this parameter in combination with Insertion Start DateTime and Insertion End DateTime. |
| End DateTime | (Optional) Select the end date and time for the duration to filter the records from Netskope, retrieving those less than or equal to the specified time.
NOTE: Do not use this parameter in combination with Insertion Start DateTime and Insertion End DateTime. |
| Insertion Start DateTime | (Optional) Select the insertion start date and time for the duration to filter the records from Netskope, retrieving those greater than or equal to the specified time.
NOTE: Do not use this parameter in combination with Start DateTime and End DateTime. |
| Insertion End DateTime | (Optional) Select the insertion end date and time for the duration to filter the records from Netskope, retrieving those less than or equal to the specified time.
NOTE: Do not use this parameter in combination with Start DateTime and End DateTime. |
| Limit | (Optional) Specify the maximum number of records to return in response.
NOTE: API responses can include up to |
| Offset | (Optional) Specify the number of records to skip when retrieving records from Netskope. Default value is 0. |
The output contains a non-dictionary value.
| Parameter | Description |
|---|---|
| Event Type | Select the event type to filter the records retrieved from Netskope. You can choose from the following:
|
| Query | (Optional) Specify a query to filter the records retrieved from Netskope. |
| Start DateTime | (Optional) Select the start date and time for the duration to filter the records from Netskope, retrieving those greater than or equal to the specified time.
NOTE: Do not use this parameter in combination with Insertion Start DateTime and Insertion End DateTime. |
| End DateTime | (Optional) Select the end date and time for the duration to filter the records from Netskope, retrieving those less than or equal to the specified time.
NOTE: Do not use this parameter in combination with Insertion Start DateTime and Insertion End DateTime. |
| Insertion Start DateTime | (Optional) Select the insertion start date and time for the duration to filter the records from Netskope, retrieving those greater than or equal to the specified time.
NOTE: Do not use this parameter in combination with Start DateTime and End DateTime. |
| Insertion End DateTime | (Optional) Select the insertion end date and time for the duration to filter the records from Netskope, retrieving those less than or equal to the specified time.
NOTE: Do not use this parameter in combination with Start DateTime and End DateTime. |
| Limit | (Optional) Specify the maximum number of records to return in response.
NOTE: API responses can include up to |
| Offset | (Optional) Specify the number of records to skip when retrieving records from Netskope. Default value is 0. |
The output contains a non-dictionary value.
| Parameter | Description |
|---|---|
| URL List Name | Specify the name of the list to create the URL blocked-list in Netskope. |
| URL List Type | Specify the format for entering URLs in the URLs parameter. Possible values are exact and regex. |
| URLs | Specify a comma-separated list of URLs — if the URL List Type is exact — and specify a comma-separated list of regex — if the URL List Type is regex — to create the URL blocked-list in Netskope. |
The output contains a non-dictionary value.
| Parameter | Description |
|---|---|
| Pending | (Optional) Specify to filter and retrieve URL blocked-lists from Netskope based on their processing status.
|
| Field | (Optional) Specify comma-separated list of fields to filter and retrieve URL blocked-lists from Netskope. |
The output contains a non-dictionary value.
| Parameter | Description |
|---|---|
| URL List ID | Specify the ID of the URL blocked-list whose details you want to retrieve details from Netskope. |
The output contains a non-dictionary value.
| Parameter | Description |
|---|---|
| URL List ID | Specify the ID of the URL blocked-list in which to append the URLs for blocking in Netskope. |
| URL List Type | Specify the format for entering URLs in the URLs parameter. Possible values are exact and regex. |
| URLs | Specify a comma-separated list of URLs — if the URL List Type is exact — and specify a comma-separated list of regex — if the URL List Type is regex — to append the URLs to this URL list in Netskope. |
The output contains a non-dictionary value.
| Parameter | Description |
|---|---|
| URL List ID | Specify the ID of the URL blocked-list in which to update the URLs for blocking in Netskope. |
| URL List Name | (Optional) Specify the name of the list to update in Netskope. |
| URL List Type | (Optional) Specify the format for entering URLs in the URLs parameter. Possible values are exact and regex. |
| URLs | Specify a comma-separated list of URLs — if the URL List Type is exact — and specify a comma-separated list of regex — if the URL List Type is regex — with which to replace the existing URL list in Netskope. |
The output contains a non-dictionary value.
| Parameter | Description |
|---|---|
| URL List ID | Specify the ID of the URL list which to delete from Netskope. |
The output contains a non-dictionary value.
| Parameter | Description |
|---|---|
| Filter | (Optional) Specify the query to filter retrieved data from Netskope. |
| Limit | (Optional) Specify the maximum number of records to return in response. Default value is 50. |
| Offset | (Optional) Specify the number of records to skip when retrieving records from Netskope. Default value is 0. |
The output contains a non-dictionary value.
| Parameter | Description |
|---|---|
| HTTP Method | Select an HTTP action for the request. You can select from the following options:
|
| Endpoint | Specify the target API URL path for the request. For example, if the website is https://example.com and URL path is https://example.com/api/v2/incidents/search, the endpoint would be /api/v2/incidents/search. |
| Query Parameters | (Optional) Specify any optional parameters to add to the URL and refine the request. |
| Request Payload | (Optional) Specify data, as JSON, to be sent as the request payload (typically for POST or PUT requests). |
The output contains a non-dictionary value.
The Sample - Netskope - 2.0.0 playbook collection comes bundled with the Netskope connector. These playbooks contain steps using which you can perform all supported actions. You can see bundled playbooks in the Automation > Playbooks section in FortiSOAR™ after importing the Netskope connector.
Note: If you are planning to use any of the sample playbooks in your environment, ensure that you clone those playbooks and move them to a different collection since the sample playbook collection gets deleted during connector upgrade and delete.
