To learn more about Out-of-the-box Integrations and their benefits, please refer to this article.

Configure Netskope Next Gen Secure Web Gateway

1. Log in to your Netskope UI.

2. Navigate to Event Streaming . Following the next path Settings > Tools > Event Streaming.

3. Copy your subscription endpoint and generate your download key from the Event Streaming page.

Keep in mind that generating a new endpoint or key may make any other existing integrations stop working.

Netskope event streaming is intended to feed a single consumer. Using it with multiple consumers (integrations) will cause unexpected behaviors. If you are already collecting Netskope metadata for other solutions like SIEMs, contact us to identify a different way to inject it to Lumu.

4. Contact Netskope support to update the transaction events format to “Format 3”.  Netskope Format 3 offers a richer data stream, enabling Lumu to better analyze traffic and provide you with more useful context about incidents. This step is not strictly mandatory but it is highly recommended to take the most out of Lumu and Netskope.

Add Integration

1. Log in to our Lumu account through the Lumu Portal and navigate to the integrations screen.

2. Locate the Netskope Next Gen SWG integration in the available apps area and click to add, then click to view details.

3. Familiarize yourself with the integration details available in the app description and click the button below to activate the integration.

4. To activate the integration, add a Name . By default, this integration will be tagged as unlabeled activity; however, you can select a label of your preference for additional visibility.

5. Add the Netskope credentials: Subscription Endpoint and Subscription Key. These parameters were obtained in the steps of the Configure Netskope Next Gen Secure Web Gateway section. Now select “Activate”.

6. The integration is now created and active. Now, the Lumu Portal will display the details of the created integration: