Skip to main content
Skip table of contents

LSO : Syslog - Zscaler Nano Streaming Service (Mapping Doc)

This document explains the changes required to apply new Message Processing Engine (MPE) rules developed during the Log Source Optimization (LSO) project for the Syslog - Fortinet FortiAnalyzer log source type.

Vendor Documentation


  • Download and apply the Knowledge Base. For more information, see KB Synchronization Settings for LSO.

  • Enable the new MPE rules in the LogRhythm System Monitor.

    • Select log source type Syslog - Zscaler Nano Streaming Service.

    • Enable log processing policy LogRhythm Default v2.0.

For details on how to enable LogRhythm Default v2.0, see Apply LogRhythm Default v2.0 on a Log Source.

Support for Fortinet FortiGate Events

For more information, see Log Source Virtualization .

Supported Log Messages

The following table lists the log message types supported in the current MPE rules. Each page contains detailed information on parsing changes and new log processing settings.

Log Message Type

Event Type

Action Query Logs

Query Information

Catch All : Level 1

General Information

Catch All : Level 4

Web Access Message

DNS Message

General DNS Information

General Firewall Messages

General Firewall Log

IPSec Phase1

General IPSec Information

IPSec Phase2

General IPSec Information

Last Message Repeated

Last Message Repeated

Network Traffic

General Network Traffic Log Message

Tunnel Event

General TUNNEL Message

Tunnel Messages

General TUNNEL Message

Tunnel Samples

General TUNNEL Message

Zscaler General Network Traffic Messages

General Network Traffic

Zscaler Network Details

General Network Traffic Log Message

Zscaler NSS Message

General Information

Log Processing Policy Updates

This section details log processing policy updates made to AIE Rules, system reports, system investigations, system report templates, and system tails as part of LSO.

Updates to AIE Rules

  • No changes

Updates to System Reports

  • No changes

Updates to System Investigations

  • No changes

Updates to System Report Templates

  • No changes

Updates to System Tails

  • No changes

JavaScript errors detected

Please note, these errors can depend on your browser setup.

If this problem persists, please contact our support.