Forensics for Azure Blob Storage
You can configure an Azure Blob Storage to store forensic-related objects.
Note
Netskope supports forensic destination on Azure Blob Storage accounts only. For additional information on storage account types, refer to the Azure documentation located here.
Azure forensics is not supported if the Azure account is a government account.
The following workflow diagram provides a visual representation of the steps required to configure your Azure Blob Storage as a forensic destination.
The setup process requires you to use Azure built-in roles or create custom roles and assign the necessary permissions to Netskope. These permissions are required to perform tasks to store forensic-related logs in Blob storage. You can review the permissions in Step 2/3: Assign Azure permissions to store forensic objects.
You can use custom roles to limit Netskope's permissions by assigning the role to a storage account instead of the subscription.
To learn more about limiting the scope of the role: Limit permissions for Forensics to Azure Storage Account section.
To learn more: Enabling Forensics for Azure Blob Storage.