Zscaler Internet Access Cloud NSS Log Feed Ingestion

By Zscaler

Ingest and analyze Zscaler Internet Access Cloud NSS logs in Microsoft Sentinel

This solution deploys 44 Microsoft Sentinel resources for Zscaler Internet Access Cloud NSS log monitoring:

- 15 Cloud NSS push data connectors (web, firewall, DNS, tunnel, endpoint DLP, email DLP, 8 CASB categories, and audit logs) via the Codeless Connector Platform
- 17 workbooks for security monitoring and analysis
- 10 OAuth2-based playbooks for automated response (block/unblock IPs and URLs, blacklist/whitelist management, IP and URL lookups)
- 2 analytic rules for threat detection (low-volume domain requests and Discord CDN risky file downloads)