Zscaler Internet Access Cloud NSS Log Feed Ingestion

Publisher: Zscaler

Ingest and analyze Zscaler Internet Access Cloud NSS logs in Microsoft Sentinel

This solution deploys 44 Microsoft Sentinel resources for Zscaler Internet Access Cloud NSS log monitoring:

- 15 Cloud NSS push data connectors (web, firewall, DNS, tunnel, endpoint DLP, email DLP, 8 CASB categories, and audit logs) via the Codeless Connector Platform
- 17 workbooks for security monitoring and analysis
- 10 OAuth2-based playbooks for automated response (block/unblock IPs and URLs, blacklist/whitelist management, IP and URL lookups)
- 2 analytic rules for threat detection (low-volume domain requests and Discord CDN risky file downloads)