
Splunk Lantern

Zscaler

Zscaler is a cloud-based internet and application security gateway used by enterprise customers worldwide. In the course of operating the service, Zscaler end users generate a large volume of log data. That data is accessible within Zscaler itself and can also be streamed into the Splunk platform.

Before looking at the documentation for specific data sources, review the Splunk Help information on general data ingestion for Splunk Enterprise, Splunk Cloud Platform, or Splunk Observability Cloud.

Getting data in

Source: Zscaler

The Zscaler Technical Add-On for Splunk takes events from Zscaler data sources and maps them to field names compatible with the Splunk Common Information Model (CIM), tagging events, where relevant, for the specific CIM data models they belong to.

Zscaler traffic, status, and access logs provide a rich source of data for ingestion into the Splunk platform. This information can then be used to enrich other data sources and to generate events of interest relating to business services and technology operations.

Add-ons and Apps (Splunk platform):
- Zscaler Technical Add-On for Splunk
- Configuration

Guidance:
- Zscaler and Splunk Deployment Guide
- Splunk Lantern Articles