Welcome to the Netskope One DSPM Knowledge Base

You will find your answers here!

    Sorry, we didn't find any relevant articles for you.

    Send us your queries using the form below and we will get back to you with a solution.

    Alerts Page

    For more detail into each security event/incident, click on “Alerts” in the left menu. You'll see a few widgets at the top showing Alerts Status, Alerts by Policy Type, and Top Policies by Alerts.

    Below, you'll see Netskope One DSPM alerts broken down by category of security event/incident. For each event/incident, Netskope One DSPM shows:

    • The Date/Timestamp of the incident
    • The severity of the alert
    • The policy (or policies) violated by the query
      • By clicking on the policy name, you can view a window that summarizes the logic in the policy 
    • The status of the alert -- this can be Open, Dismissed, or Resolved, and can be changed directly in the drop-down
    • The risk type (privacy violation or data exfiltration)
    • The database username or employee who issued the query
      • Note:  If many employees are using a BI/query tool that uses one database user account to interface with the data warehouse, Netskope One DSPM can extract the employee’s ID or email address from the query metadata. Please see Service Accounts.
    • The raw query itself
    • The number of rows produced by the query (if available)

    You can download a CSV of this page by clicking on “CSV Export.” You can also filter this page by clicking on the green filter icon in the top left of the page, and the filter drawer will open.

    Was this article helpful?

    Still can't find what you are looking for?

    Contact Netskope Technical Support