Hello,
I am looking to forward the Audit Logs from Zscaler to our SIEM.
Couldn’t find any articles to do so.
Can some suggest how to achieve this ?
Thanks,
Rahul V
Hi Rahul,
This feature has recently been added; more information is on this link: Adding NSS Feeds for Admin Audit Logs | Zscaler.
I.e. the process is now the same as for “regular” transaction logs: ZIA → NSS → SIEM.
Please let me know in case that doesn’t answer your question.
Kind regards,
Pete
@pvanroosbroek Any idea when this feature will be supported with ZScalerGov?
As per Adding NSS Feeds for Admin Audit Logs | Zscaler it should be already supported, but the support states it is not. Thanks,