Sending Logs from Zscaler #8528

sarim04 · 2022-08-12T14:54:42Z

sarim04
Aug 12, 2022

Hello Team,
I am fairly new to security onion, I need some guidance on how to send logs from zscaler to security onion.

Aug 15, 2022

From https://docs.securityonion.net/en/2.3/syslog.html:

If you want to send syslog from other devices, you should check to see if the device has an existing Filebeat module at https://www.elastic.co/guide/en/beats/filebeat/current/filebeat-modules.html. If so, using the Filebeat module should provide some parsing by default.

Filebeat has a Zscaler module:
https://www.elastic.co/guide/en/beats/filebeat/current/filebeat-module-zscaler.html

View full answer

dougburks · 2022-08-15T10:15:07Z

dougburks
Aug 15, 2022
Maintainer

From https://docs.securityonion.net/en/2.3/syslog.html:

If you want to send syslog from other devices, you should check to see if the device has an existing Filebeat module at https://www.elastic.co/guide/en/beats/filebeat/current/filebeat-modules.html. If so, using the Filebeat module should provide some parsing by default.

Filebeat has a Zscaler module:
https://www.elastic.co/guide/en/beats/filebeat/current/filebeat-module-zscaler.html

0 replies

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

Sending Logs from Zscaler #8528

Uh oh!

{{title}}

Uh oh!

Replies: 1 comment

Uh oh!

{{title}}

Uh oh!

Select a reply

Uh oh!

Sending Logs from Zscaler #8528

Uh oh!

sarim04 Aug 12, 2022

Replies: 1 comment

Uh oh!

dougburks Aug 15, 2022 Maintainer

sarim04
Aug 12, 2022

dougburks
Aug 15, 2022
Maintainer