What are two supported methods to accomplish this task?

You need to extract events and alerts from the Netskope Security Cloud platform and push it to a SIEM solution.

What are two supported methods to accomplish this task? (Choose two.)
A . Use Cloud Ticket Orchestrator.
B . Use Cloud Log Shipper.
C . Stream directly to syslog.
D . Use the REST API.

View Answer

Answer: B, D

Explanation:

To extract events and alerts from the Netskope Security Cloud platform and integrate them with a SIEM (Security Information and Event Management) solution, you can utilize the following supported methods:

Cloud Log Shipper (CLS):

The Cloud Log Shipper is designed to forward Netskope logs to external systems, including SIEMs.

It allows you to export logs in real-time or batch mode to a destination of your choice.

By configuring CLS, you can ensure that Netskope events and alerts are sent to your SIEM for further analysis and correlation.

Reference: Netskope Documentation on Cloud Log Shipper REST API:

The Netskope Security Cloud provides a comprehensive REST API that allows you to programmatically retrieve data, including events and alerts.

You can use the REST API to query specific logs, incidents, or other relevant information from Netskope.

By integrating with the REST API, you can extract data and push it to your SIEM solution.

Reference: Netskope REST API Documentation

Reference: Netskope Cloud Security

Netskope Resources

Netskope Documentation

These methods ensure seamless data flow between Netskope and your SIEM, enabling effective security monitoring and incident response.