Skip to main content

Netskope (API v1)

This Integration is part of the Netskope Pack.#

Supported versions

Supported Cortex XSOAR versions: 6.2.0 and later.

Netskope (API v1)#

Get alerts and events, manage quarantine files as well as URL and hash lists using Netskope API v1. This integration was integrated and tested with version 93.0.7.625 of Netskope.

Configure Netskope in Cortex#

ParameterDescriptionRequired
Server URLTrue
API tokenTrue
Trust any certificate (not secure)False
Use system proxy settingsFalse
Fetch incidentsFalse
Maximum incidents per fetchFalse
First fetch timestamp (<number> <time unit>, like 12 hours, 7 days)False
Fetch EventsFetch events as incidents, in addition to the alerts.False
Event types to fetchFalse
Maximum events as incidents per fetchFalse

Commands#

You can execute these commands from the CLI, as part of an automation, or in a playbook. After you successfully execute a command, a DBot message appears in the War Room with the command details.

netskope-event-list#


Get events extracted from SaaS traffic and or logs.

Base Command#

netskope-event-list

Input#

Argument NameDescriptionRequired
queryFree query to filter the events. For example, "app eq Dropbox". For more information, please visit Netskope documentation: https://docs.netskope.com/en/get-events-data.html'Optional
event_typeSelect events by their type. Possible values are: page, application, audit, infrastructure, network.Required
timeperiodGet all events from a certain time period. Possible values are: Last 60 mins, Last 24 Hrs, Last 7 Days, Last 30 Days.Optional
start_timeRestrict events to those that have timestamps greater than the provided timestamp.Optional
end_timeRestrict events to those that have timestamps less than or equal to the provided timestamp.Optional
insertion_start_timeRestrict events to those that were inserted to the system after the provided timestamp.Optional
insertion_end_timeRestrict events to those that were inserted to the system before the provided timestamp.Optional
limitThe maximum amount of events to retrieve. Default is 50.Optional
pageThe page number of the events to retrieve (minimum is 1). Default is 1.Optional
unsortedIf true, the returned data will not be sorted (useful for improved performance). Possible values are: true, false.Optional

Context Output#

PathTypeDescription
Netskope.Event.event_idStringThe unique identifier of the event.
Netskope.Event.timestampNumberUnix epoch timestamp when the event happened in.
Netskope.Event.typeStringShows if it is an application event or a connection event.
Netskope.Event.access_methodStringCloud app traffic can be steered to the Netskope cloud using different deployment methods such as Client (Netskope Client), Secure Forwarder etc.
Netskope.Event.traffic_typeStringType of the traffic: CloudApp or Web.
Netskope.Event.countNumberNumber of raw log lines/events sessionized or suppressed during the suppressed interval.
Netskope.Event.appStringSpecific cloud application used by the user (e.g. app = Dropbox).
Netskope.Event.appcategoryStringApplication Category as designated by Netskope.
Netskope.Event.urlStringURL of the application that the user visited as provided by the log or data plane traffic.
Netskope.Event.pageStringThe URL of the originating page.
Netskope.Event.domainStringDomain value.
Netskope.Event.objectStringName of the object which is being acted on.
Netskope.Event.object_idStringUnique ID associated with an object.
Netskope.Event.activityStringDescription of the user performed activity.
Netskope.Event.deviceStringDevice type from where the user accessed the cloud app.
Netskope.Event.categoryStringThe event category.

Command example#

!netskope-event-list event_type=application limit=1 start_time=2021-03-21T18:48:02.358736 end_time=2022-03-21T18:48:02.358736

Context Example#

{
"Netskope": {
"Event": {
"_insertion_epoch_timestamp": 1647890592,
"access_method": "API Connector",
"activity": "Create",
"alert": "no",
"app": "Google Workspace",
"appcategory": "Application Suite",
"audit_category": null,
"audit_type": "authorize",
"browser": "unknown",
"category": "Application Suite",
"cci": 91,
"ccl": "excellent",
"count": 1,
"device": "Other",
"event_id": "a3f6cb3f22c4431defbf371b",
"from_user": "test@goxsoar.com",
"from_user_category": "Internal",
"instance_id": "goxsoar.com",
"netskope_activity": "False",
"object": "BetterCloud",
"object_id": "800521135851.apps.googleusercontent.com",
"object_type": "Token",
"organization_unit": "",
"os": "unknown",
"other_categories": [],
"scopes": [
"https://apps-apis.google.com/a/feeds/calendar/resource/",
"https://apps-apis.google.com/a/feeds/compliance/audit/",
"https://apps-apis.google.com/a/feeds/domain/",
"https://apps-apis.google.com/a/feeds/emailsettings/2.0/",
"https://docs.google.com/feeds/",
"https://sites.google.com/feeds/",
"https://spreadsheets.google.com/feeds/",
"https://www.google.com/m8/feeds/",
"https://www.googleapis.com/auth/contacts",
"https://www.googleapis.com/auth/activity",
"https://www.googleapis.com/auth/admin.datatransfer",
"https://www.googleapis.com/auth/admin.directory.group",
"https://www.googleapis.com/auth/admin.directory.group.member",
"https://www.googleapis.com/auth/admin.directory.orgunit",
"https://www.googleapis.com/auth/admin.directory.user",
"https://www.googleapis.com/auth/admin.directory.user.alias",
"https://www.googleapis.com/auth/admin.directory.user.security",
"https://www.googleapis.com/auth/admin.directory.userschema",
"https://www.googleapis.com/auth/admin.reports.audit.readonly",
"https://www.googleapis.com/auth/admin.reports.usage.readonly",
"https://www.googleapis.com/auth/apps.groups.settings",
"https://www.googleapis.com/auth/apps.licensing",
"https://www.googleapis.com/auth/calendar",
"https://www.googleapis.com/auth/drive",
"https://www.googleapis.com/auth/userinfo.email",
"https://www.googleapis.com/auth/userinfo.profile",
"https://www.googleapis.com/auth/gmail.settings.basic",
"https://www.googleapis.com/auth/gmail.settings.sharing"
],
"site": "Google App Suite",
"srcip": "fda3:e722:ac3:10:15:8d06:a37:f8d0",
"timestamp": 1647888482,
"traffic_type": "CloudApp",
"type": "nspolicy",
"ur_normalized": "test@goxsoar.com",
"user": "test@goxsoar.com",
"user_category": "Internal",
"userip": "fda3:e722:ac3:10:15:8d06:a37:f8d0",
"userkey": "test@goxsoar.com"
}
}
}

Human Readable Output#

Events List:#

Current page size: 1 Showing page 1 out of others that may exist. |Event Id|Timestamp|Type|Access Method|App|Traffic Type| |---|---|---|---|---|---| | a3f6cb3f22c4431defbf371b | 1647888482 | nspolicy | API Connector | Google Workspace | CloudApp |

netskope-alert-list#


Get alerts generated by Netskope, including policy, DLP, and watch list alerts.

Base Command#

netskope-alert-list

Input#

Argument NameDescriptionRequired
queryFree query to filter the alerts. For example, "alert_name like 'test'". For more information, please visit Netskope documentation: https://docs.netskope.com/en/get-alerts-data.html'Optional
alert_typeSelect alerts by their type. Possible values are: anomaly, Compromised Credential, policy, Legal Hold, malsite, Malware, DLP, Security Assessment, watchlist, quarantine, Remediation, uba.Optional
ackedWhether to retrieve acknowledged alerts or not. Possible values are: true, false.Optional
timeperiodGet alerts from certain time period. Possible values are: Last 60 mins, Last 24 Hrs, Last 7 Days, Last 30 days, Last 60 days, Last 90 days.Optional
start_timeRestrict alerts to those that have timestamps greater than the provided timestamp.Optional
end_timeRestrict alerts to those that have timestamps less than or equal to the provided timestamp.Optional
insertion_start_timeRestrict alerts which have been inserted into the system after the provided timestamp.Optional
insertion_end_timeRestrict alerts which have been inserted into the system before the provided timestamp.Optional
limitThe maximum number of alerts to return. Default is 50.Optional
pageThe page number of the alerts to retrieve (minimum is 1). Default is 1.Optional
unsortedIf true, the returned data will not be sorted (useful for improved performance). Possible values are: true, false.Optional

Context Output#

PathTypeDescription
Netskope.Alert.alert_idStringThe unique identifier of the alert.
Netskope.Alert.timestampNumberTimestamp when the event/alert happened.
Netskope.Alert.typeStringShows if it is an application event or a connection event.
Netskope.Alert.access_methodStringCloud app traffic can be steered to the Netskope cloud using different deployment methods such as Client (Netskope Client), Secure Forwarder etc.
Netskope.Alert.traffic_typeStringType of the traffic: CloudApp or Web.
Netskope.Alert.actionStringAction taken on the event for the policy.
Netskope.Alert.countNumberNumber of raw log lines/events sessionized or suppressed during the suppressed interval.
Netskope.Alert.alert_nameStringName of the alert.
Netskope.Alert.alert_typeStringType of the alert.
Netskope.Alert.ackedBooleanWhether user acknowledged the alert or not.
Netskope.Alert.policyStringName of the policy configured by an admin.
Netskope.Alert.appStringSpecific cloud application used by the user (e.
Netskope.Alert.appcategoryStringApplication Category as designated by Netskope.
Netskope.Alert.dlp_fileStringFile/Object name extracted from the file/object.
Netskope.Alert.dlp_profileStringDLP profile name.
Netskope.Alert.dlp_ruleStringDLP rule that triggered.
Netskope.Alert.categoryStringThe alert category.
Netskope.Alert.cciNumberThe cloud confidence index.

Command example#

!netskope-alert-list limit=1 start_time=2021-03-21T18:48:02.358736 end_time=2022-03-21T18:48:02.358736

Context Example#

{
"Netskope": {
"Alert": {
"_insertion_epoch_timestamp": 1647888457,
"access_method": "API Connector",
"acked": "false",
"action": "alert",
"activity": "Introspection Scan",
"alert": "yes",
"alert_id": "0d7fa7e3cb3034bcc0ff94a5",
"alert_name": "Gdrive - Alert on PII",
"alert_type": "DLP",
"app": "Google Drive",
"appcategory": "Cloud Storage",
"browser": "unknown",
"category": "Cloud Storage",
"cci": 91,
"ccl": "excellent",
"count": 1,
"device": "Other",
"dlp_file": "CS Owned PC Data",
"dlp_incident_id": 1407319677213026800,
"dlp_is_unique_count": "true",
"dlp_parent_id": 1407319677213026800,
"dlp_profile": "Best Practice PII DLP Profile",
"dlp_rule": "FullName-Near-SSN-Unique",
"dlp_rule_count": 64,
"dlp_rule_severity": "High",
"dlp_unique_count": 63,
"dst_country": "US",
"dst_latitude": 37.4059906006,
"dst_location": "Mountain View",
"dst_longitude": -122.0785140991,
"dst_region": "California",
"dst_timezone": "America/Los_Angeles",
"dst_zipcode": "N/A",
"dstip": "142.250.191.78",
"exposure": "internal",
"file_lang": "ENGLISH",
"file_path": "/My Drive/CS Owned PC Data",
"file_size": 805733,
"file_type": "application/vnd.google-apps.spreadsheet",
"from_user": "test@goxsoar.com",
"instance": "goxsoar.com",
"instance_id": "goxsoar.com",
"internal_collaborator_count": 20,
"md5": "81e5926346f19f158688ccf40d88436e",
"mime_type": "application/vnd.google-apps.spreadsheet",
"modified": 1647888385,
"netskope_pop": "US-SJC1",
"object": "CS Owned PC Data",
"object_id": "1wxnfr3SWylRdPx8R3WHo2ywml7LsYPSt_6wqUX2KuDU",
"object_type": "File",
"organization_unit": "",
"os": "unknown",
"other_categories": [],
"outer_doc_type": 361,
"owner": "test@goxsoar.com",
"policy": "Gdrive - Alert on PII",
"request_id": 6525954495577788000,
"scan_type": "Ongoing",
"sha256": "3f53dac4dbce5fbc982ba3180b1b5d5fbed2a9c1cacf906471ce6a9aeef08a05",
"shared_with": "support@goxsoar.com",
"site": "Google Drive",
"suppression_key": "CS Owned PC Data",
"timestamp": 1647888450,
"title": "CS Owned PC Data",
"total_collaborator_count": 20,
"traffic_type": "CloudApp",
"true_obj_category": "Spreadsheet",
"true_obj_type": "Microsoft Excel 2007 XML",
"type": "nspolicy",
"ur_normalized": "test@goxsoar.com",
"url": "https://drive.google.com/open?id=4wxnfr3SWylRdPx8R3WHo2ywml7LsYPSt_6wqUX2KuDU",
"user": "test@goxsoar.com",
"user_id": "test@goxsoar.com",
"userkey": "test@goxsoar.com"
}
}
}

Human Readable Output#

Alerts List:#

Current page size: 1 Showing page 1 out of others that may exist. |Alert Id|Alert Name|Alert Type|Timestamp|Action| |---|---|---|---|---| | 0d7fa7e3cb3034bcc0ff94a5 | Gdrive - Alert on PII | DLP | 1647888450 | alert |

netskope-quarantined-file-list#


List all quarantined files.

Base Command#

netskope-quarantined-file-list

Input#

Argument NameDescriptionRequired
start_timeGet files last modified after the provided date string.Optional
end_timeGet files last modified before the provided date string.Optional
limitThe maximum amount of clients to retrieve. Default is 50.Optional
pageThe page number of the clients to retrieve (minimum is 1). Default is 1.Optional

Context Output#

PathTypeDescription
Netskope.Quarantine.quarantine_profile_idStringThe ID of quarantine profile.
Netskope.Quarantine.quarantine_profile_nameStringThe name of quarantine profile.
Netskope.Quarantine.file_idStringThe ID of the quarantined file.
Netskope.Quarantine.original_file_nameStringThe original filename before quarantining.
Netskope.Quarantine.policyStringThe policy name caused quarantine the file.
Netskope.Quarantine.quarantined_file_nameStringThe filename after quarantining.
Netskope.Quarantine.user_idStringThe ID of the user related to the quarantined file.

Command example#

!netskope-quarantined-file-list limit=1

Context Example#

{
"Netskope": {
"Quarantine": {
"file_id": "1M_RU4jLPUwclKOhqZ7sPSqkMNS-S6Vyr",
"original_file_name": "PII SSN Large v2.xlsx",
"policy": "[Data Protection] - Quarantine PII Uploads to Box",
"quarantine_profile_id": "1",
"quarantine_profile_name": "Qmasters Testing Google Drive",
"quarantined_file_name": "inline_884993759783_1_F2DD7F63_PII SSN Large v2.xlsx",
"user_id": "test@goxsoar.com"
}
}
}

Human Readable Output#

Quarantined Files List:#

Current page size: 1 Showing page 1 out of others that may exist. |quarantine_profile_id|quarantine_profile_name|file_id|original_file_name|policy| |---|---|---|---|---| | 1 | Qmasters Testing Google Drive | 1M_RU4jLPUwclKOhqZ7sPSqkMNS-S6Vyr | PII SSN Large v2.xlsx | [Data Protection] - Quarantine PII Uploads to Box |

netskope-quarantined-file-get#


Download a quarantined file.

Base Command#

netskope-quarantined-file-get

Input#

Argument NameDescriptionRequired
quarantine_profile_idThe ID of quarantine profile.Required
file_idThe ID of the quarantined file.Required

Context Output#

PathTypeDescription
File.SizeNumberThe size of the file.
File.NameStringThe name of the file.
File.EntryIDStringThe entry ID of the file.
File.InfoStringFile information.
File.TypeStringThe file type.
File.ExtensionStringThe file extension.

Command example#

!netskope-quarantined-file-get file_id=1M_RU4jLPUwclKOhqZ7sPSqkMNS-S6Vyr quarantine_profile_id=1

Context Example#

{
"File": {
"EntryID": "4447@8479e914-8493-4968-8f32-78852375d17b",
"Extension": "zip",
"Info": "application/zip",
"MD5": "8ac692ef2cc78adfc523188e54d52933",
"Name": "1M_RU4jLPUwclKOhqZ7sPSqkMNS-S6Vyr.zip",
"SHA1": "19cf128ad8fd41108d0a601e8e9c8cf123c11c5a",
"SHA256": "9ea98de9c4f852665f678338767280f64b20ed11943c49709440643ed04df122",
"SHA512": "5a6bce0fd15e4184d29ee8d38627ec47150665a6ccb67d39b02a8898ff0c987c4e7be580c9243cc3d4a7f3f2b637f226216434bf01bc2babfe35a4b7ff8cc2cc",
"SSDeep": "384:wc313ff+IizBt/oPervm6X61XWRcjDQJB9k3Wl:wMGIct/PjtX61EVB9mWl",
"Size": 15774,
"Type": "Microsoft Excel 2007+"
}
}

Human Readable Output#

netskope-quarantined-file-update#


Take an action on a quarantined file.

Base Command#

netskope-quarantined-file-update

Input#

Argument NameDescriptionRequired
quarantine_profile_idThe profile ID of the quarantined file.Required
file_idThe ID of the quarantined file.Required
actionAction to be performed on a quarantined. Possible values are: block, allow.Required

Context Output#

There is no context output for this command.

Command example#

!netskope-quarantined-file-update file_id=1M_RR4jLPUwclKOhqZ7sPSqkMNS-S6Vyr quarantine_profile_id=1 action=block

Human Readable Output#

The file 1M_RR4jLPUwclKOhqZ7sPSqkMNS-S6Vyr was successfully blocked!

netskope-url-list-update#


Update the URL List with the values provided. The command will override the whole list content, rather than appending the new values.

Base Command#

netskope-url-list-update

Input#

Argument NameDescriptionRequired
nameName of an existing URL List shown in the Netskope UI on the URL List page.Required
urlsThe content of the URL list.Required

Context Output#

PathTypeDescription
Netskope.URLList.nameStringThe name of the URL list.
Netskope.URLList.URLStringThe content the URL list.

Command example#

!netskope-url-list-update name="Allowed URLs" urls="allow.me,allow2.me"

Context Example#

{
"Netskope": {
"URLList": {
"URL": [
"allow.me",
"allow2.me"
],
"name": "Allowed URLs"
}
}
}

Human Readable Output#

URL List Allowed URLs: allow.me, allow2.me

netskope-file-hash-list-update#


Update file hash list with the values provided. The command will override the whole list content, rather than appending the new values.

Base Command#

netskope-file-hash-list-update

Input#

Argument NameDescriptionRequired
nameName of an existing file hash list shown in the Netskope UI on the file hash list page.Required
hashList of file hashes (md5 or sha256).Required

Context Output#

PathTypeDescription
FileHashList.nameStringThe name of the hash list.
FileHashList.hashStringThe content of the hash list.

Command example#

!netskope-file-hash-list-update name="Test SHA256" hash="00db7cf5cc13df9ae88615af999582608361c14fc915d1dd76fa619d1c341597"

Context Example#

{
"Netskope": {
"FileHashList": {
"hash": [
"00db7cf5cc13df9ae88615af999582608361c14fc915d1dd76fa619d1c341597"
],
"name": "Test SHA256"
}
}
}

Human Readable Output#

Hash List Test SHA256: 00db7cf5cc13df9ae88615af999582608361c14fc915d1dd76fa619d1c341597

netskope-client-list#


Get information about the Netskope clients.

Base Command#

netskope-client-list

Input#

Argument NameDescriptionRequired
queryFree query on the clients, based on the client fields. For example, "host_info.hostname eq xxx". For more information, please visit Netskope documentation: https://docs.netskope.com/en/get-client-data.html'.Optional
limitThe maximum amount of clients to retrieve. Default is 50.Optional
pageThe page number of the clients to retrieve (minimum is 1). Default is 1.Optional

Context Output#

PathTypeDescription
Netskope.Client.client_idStringThe ID of the Netskope client.
Netskope.Client.client_versionStringThe client version.
Netskope.Client.device_idStringThe ID of the client's device.
Netskope.Client.host_infoStringInformation about the client's host.
Netskope.Client.last_eventStringInformation about the last event related to the client.
Netskope.Client.user_added_timeStringThe last time a client's user was added to Netskope.
Netskope.Client.usersStringList of all users of the provided client.

Command example#

!netskope-client-list limit=1

Context Example#

{
"Netskope": {
"Client": {
"client_id": "TEST82A5",
"client_version": "91.0.6.812",
"device_id": "TEST82A5",
"host_info": {
"device_make": "Parallels Software International Inc.",
"device_model": "Parallels Virtual Platform",
"hostname": "TEST82A5",
"managementID": "",
"nsdeviceuid": "725DAC1A-6654-3F3A-971E-C984FBE9FE5E",
"os": "Windows",
"os_version": "10.0 (2009)"
},
"last_event": {
"actor": "System",
"event": "Tunnel Up",
"npa_status": "Steering Disabled",
"status": "Enabled",
"timestamp": 1642475967
},
"user_added_time": 1638994653,
"users": [
{
"_id": "0c6f3f867882c2d243a83310",
"device_classification_status": "Not Configured",
"last_event": {
"actor": "System",
"event": "Tunnel Up",
"npa_status": "Steering Disabled",
"status": "Enabled",
"timestamp": 1642475967
},
"user_source": "Manual",
"user_state": 0,
"userkey": "W1Acv9LP05u2654lwRaD",
"username": "test@goxsoar.com"
},
{
"_id": "0c6f3f867882c2d243a83310",
"device_classification_status": "Unknown",
"last_event": {
"actor": "System",
"event": "Tunnel Down",
"npa_status": "Disabled",
"status": "Disabled",
"timestamp": 1638995110
},
"userkey": "W1Acv9LP05u2654lwRaD"
}
]
}
}
}

Human Readable Output#

Clients List:#

Current page size: 1 Showing page 1 out of others that may exist. |Client Id|Client Version|Device Id|User Added Time| |---|---|---|---| | TEST82A5 | 91.0.6.812 | TEST82A5 | 1638994653 |

netskope-host-associated-user-list#


List all users of certain host by its hostname.

Base Command#

netskope-host-associated-user-list

Input#

Argument NameDescriptionRequired
hostnameThe hostname to view its users.Required
limitThe maximum amount of users to retrieve. Default is 50.Optional
pageThe page number of the users to retrieve (minimum is 1). Default is 1.Optional

Context Output#

PathTypeDescription
Netskope.User.user_idStringThe ID of the Netskope user.
Netskope.User.device_classification_statusStringThe device classification status.
Netskope.User.last_eventUnknownInformation about the last event related to the user.
Netskope.User.user_sourceStringThe source of the user.
Netskope.User.userkeyStringThe user key.
Netskope.User.usernameStringThe name/email of the user.

Command example#

!netskope-host-associated-user-list hostname=TEST82A5 limit=1

Context Example#

{
"Netskope": {
"User": {
"device_classification_status": "Unknown",
"last_event": {
"actor": "System",
"event": "Tunnel Down",
"npa_status": "Disabled",
"status": "Disabled",
"timestamp": 1638995110
},
"user_id": "0c6f3f867882c2d243a83310",
"user_source": "Manual",
"user_state": 0,
"userkey": "W1Acv9LP05u2654lwRaD",
"username": "test@goxsoar.com"
}
}
}

Human Readable Output#

Users Associated With TEST82A5:#

Current page size: 1 Showing page 1 out of others that may exist. |user_id|username|user_source| |---|---|---| | 0c6f3f867882c2d243a83310 | test@goxsoar.com | Manual | | 0c6f3f867882c2d243a83310 | | |

netskope-user-associated-host-list#


List all hosts related to a certain username.

Base Command#

netskope-user-associated-host-list

Input#

Argument NameDescriptionRequired
usernameThe username to view its hosts.Required
limitThe maximum amount of hosts to retrieve. Default is 50.Optional
pageThe page number of the hosts to retrieve (minimum is 1). Default is 1.Optional

Context Output#

PathTypeDescription
Netskope.Host.nsdeviceuidStringNetskope device UID.
Netskope.Host.osStringThe device operating system.
Netskope.Host.os_versionStringThe device operating system version.
Netskope.Host.device_modelStringThe device model.
Netskope.Host.hostnameStringThe hostname of the device.
Netskope.Host.agent_statusStringThe status of the agent on the device.

Command example#

!netskope-user-associated-host-list username=test@goxsoar.com

Context Example#

{
"Netskope": {
"Host": {
"agent_status": "Enabled",
"device_make": "Parallels Software International Inc.",
"device_model": "Parallels Virtual Platform",
"hostname": "TEST82A5",
"managementID": "",
"nsdeviceuid": "725DAC1A-6654-3F3A-971E-C984FBE9FE5E",
"os": "Windows",
"os_version": "10.0 (2009)"
}
}
}

Human Readable Output#

Hosts Associated With test@goxsoar.com:#

Current page size: 50 Showing page 1 out of others that may exist. |hostname|os_version|agent_status| |---|---|---| | TEST82A5 | 10.0 (2009) | Enabled |