With Zscaler, your SIEM can help you get a picture of what is happening across your entire network, instead of limiting your visibility to what has already happened. Zscaler’s global cloud platform continuously collects and streams logs to you, across racks of gateways and thousands of users. So you have the power of true threat correlation—in real time.Request A Demo
Security Information and Event Management (SIEM) systems offer a means to correlate the appliance logs throughout your business, such as web gateways, firewalls, switches, and more. SIEMs have been the only way to get a true picture of what’s happening across your business. The only problem is that it can take so long to get the logs of web and firewall transactions—which often require batch imports from your racks of security appliances in each of your gateways—that any event has long since happened. Even worse, the logs coming from different security appliances are often specific to each appliance, which means the real picture is even more difficult to see.
Zscaler was designed to deliver logs for all users and all locations in near real time, with the Zscaler Nanolog Streaming Service (NSS). We can handle preprocessing based on your criteria, and deliver logs to the SIEM of your choice, with no need for batch reporting. This enables you to correlate logs across multiple devices, comply with regulatory mandates for local log archival, and conduct historical analysis. You can choose the format that works best for you and your solution, and send up to eight streams of logs—each with different filters and formats—to different SIEMs. NSS, like everything at Zscaler, is fully cloud-based, scalable, and elastic. NSS operates seamlessly with all of the leading SIEM vendors, including Splunk, ArcSight, QRadar, LogRhythm, Symantec, and RSA SecurityRequest A Demo
It can be deployed behind NAT or firewall. Remote assistance is available for advanced troubleshooting without punching a hole in the firewall.
Supports ASCII log format
Out of the box compatibilitye
By user/data/event type