Important
This feature is in Beta. Workspace admins can control access to this feature from the Previews page. See Manage Azure Databricks previews.
This page shows how to configure Netskope to enable authentication from Azure Databricks. The Netskope Logs connector uses a Netskope REST API v2 token to ingest data into Azure Databricks. Use the authentication details that you retrieve from the steps on this page to create a Unity Catalog connection in Azure Databricks.
Prerequisites
A Netskope tenant with administrator access to create a REST API v2 token. See the Netskope REST API v2 Overview.
A Netskope service account with a role that has View access to the events and alerts you want to ingest. See Netskope API Tokens.
Tip
Create the token for a Netskope service account rather than an individual user. If the individual user leaves your organization, this integration might break.
Create a Netskope REST API v2 token
In this step, you create a REST API v2 token in Netskope and note the credentials that you use to create a connection in Azure Databricks.
Sign in to your Netskope tenant as an administrator.
Note your tenant Domain, including the scheme. This is the address you use to sign in, for example https://your-tenant.goskope.com. You enter this value when you create a connection in Azure Databricks.
Choose a role for the connector's service account. Use either the built-in Tenant Admin role or a custom role that grants only the required privileges:
Tenant Admin role: The built-in Tenant Admin role already includes access to all events and alerts, so no further configuration is required. Use this option if you do not need to restrict the service account to specific data.
Custom role with only the required privileges (recommended): Go to Settings > Administration > Administrators & Roles, open the Roles tab, and create a role. Set the Permission for each functional area to View for the events and alerts you want to ingest. Grant the following:
| Functional area | Permission | Source tables it enables |
| --- | --- | --- |
| Administration > Audit Log | View | audit |
| DLP > Incidents | View | incident |
| Infrastructure > Infrastructure Log and Infrastructure > On-Premises | View | infrastructure |
| Skope IT > Application Events | View | application |
| Skope IT > Network Events | View | network |
| Skope IT > Page Events | View | page |
| Skope IT > Alerts | View | All alert_* tables (alert_compromisedcredential, alert_content, alert_ctep, alert_device, alert_dlp, alert_malsite, alert_malware, alert_policy, alert_quarantine, alert_remediation, alert_securityassessment, alert_uba, alert_watchlist) |
Create a service account for the connector. Go to Settings > Administration > Administrators & Roles, open the Administrators tab, add a service account, assign the role you chose in the previous step, and set a token expiry. Databricks recommends a token expiry of 12 months.
Generate a REST API v2 token for the service account, then copy the token value immediately. Netskope does not display the token again after you close the dialog. You enter this value as the API Token when you create a connection in Azure Databricks.
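The following Python check is an added example, not code from Netskope or Azure Databricks: it compares the grants on a custom role with the functional areas that the permission table on this page requires for the source tables you plan to ingest, so you can find missing or unnecessary grants before you generate the token. The function names and the `{area: permission}` role format are assumptions for illustration; you fill in the role by hand from the Roles tab.

```python
# Added example: mapping copied from the permission table on this page.
# The infrastructure row names two functional areas; it is kept as one key here.
AREA_TO_TABLES = {
    "Administration > Audit Log": {"audit"},
    "DLP > Incidents": {"incident"},
    "Infrastructure > Infrastructure Log and Infrastructure > On-Premises": {"infrastructure"},
    "Skope IT > Application Events": {"application"},
    "Skope IT > Network Events": {"network"},
    "Skope IT > Page Events": {"page"},
    "Skope IT > Alerts": {"alert_" + s for s in (
        "compromisedcredential content ctep device dlp malsite malware policy "
        "quarantine remediation securityassessment uba watchlist").split()},
}
TABLE_TO_AREA = {t: a for a, ts in AREA_TO_TABLES.items() for t in ts}


def required_areas(tables):
    """Return the functional areas that need View for the given source tables."""
    unknown = sorted(set(tables) - set(TABLE_TO_AREA))
    if unknown:
        raise ValueError(f"not a source table listed on this page: {unknown}")
    return {TABLE_TO_AREA[t] for t in tables}


def audit_role(granted, tables):
    """Compare a role's grants ({area: permission}) with what the tables need.

    Returns (missing, excess, elevated):
      missing  - areas the connector needs but the role lacks (ingestion gaps)
      excess   - areas granted but not needed by any requested table
      elevated - needed areas granted at a level other than View
    """
    needed = required_areas(tables)
    missing = sorted(needed - set(granted))
    excess = sorted(set(granted) - needed)
    elevated = sorted(a for a in needed & set(granted) if granted[a] != "View")
    return missing, excess, elevated


if __name__ == "__main__":
    # Constructed sample role, as it might be typed in from the Roles tab.
    role = {"Skope IT > Alerts": "View", "Skope IT > Page Events": "View",
            "Administration > Audit Log": "View"}
    print(audit_role(role, ["alert_dlp", "alert_malware", "page", "network"]))
```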
Next steps
Create a Netskope Logs connection in Azure Databricks. See Create a Netskope Logs connection.