Zscaler Audit Logs to SIEM



I am looking to forward the Audit Logs from Zscaler to our SIEM.
Couldn’t find any articles to do so.

Can some suggest how to achieve this ?

Rahul V

Hi Rahul,
This feature has recently been added; more information is on this link: Adding NSS Feeds for Admin Audit Logs | Zscaler.

I.e. the process is now the same as for “regular” transaction logs: ZIA → NSS → SIEM.

Please let me know in case that doesn’t answer your question.
Kind regards,

@pvanroosbroek Any idea when this feature will be supported with ZScalerGov?
As per Adding NSS Feeds for Admin Audit Logs | Zscaler it should be already supported, but the support states it is not. Thanks,

@avshch From what I understand, there are no timelines yet.