When you configure your zScaler Nanalog Streaming Service (NSS) to send log data to USM Appliance, you can use the zScaler NSS plugin to translate raw log data into normalized events for analysis. The table below provides some basic information for the plugin.
| Device | Details |
|---|---|
| Vendor | zScaler |
| Device Type | Proxy |
| Connection Type | Syslog |
| Data Source Name | zscaler |
| Data Source ID | 1730 |
Integrating zScaler NSS
Before you configure the zScaler NSS integration, you must have the IP Address of the USM Appliance Sensor.
To configure zScaler NSS to send log data over syslog to USM Appliance
- Log in to the administration portal for Zscaler NSS.
- In the navigation pane, select Administration > Settings > Nanolog Streaming Service.
- From the NSS Feeds tab, click Add NSS Feed.
- In Feed Name, enter a name for the NSS feed.
- In NSS Type, keep the default: NSS for Web.
- From the NSS Server list, select the ZScaler NSS system.
- From the Status list, select Enabled.
- In SIEM IP Address, enter the IP address of the USM Appliance Sensor.
- In SIEM TCP Port, enter
- In Log Type, select Alerts and choose which level(s) alerts you want to send.
- Click Save and then activate your changes.
Plugin Enablement
For plugin enablement information, see Enable Plugins.
Troubleshooting
For troubleshooting, refer to the vendor documentation:
Feedback