OBSOLETE Syslog - Zscaler Nano Streaming Service
Device Details
| Device Name | Zscaler Nano Streaming Service |
|---|---|
Vendor | Zscaler |
Device Type | N/A |
Supported Model Name/Number | Windows Server 2008, 2012, 2016+ |
Supported Software Version(s) | N/A |
Collection Method | Syslog |
Configurable Log Output? | No |
Log Source Type | Syslog - Zscaler Nano Streaming Service |
Log Processing Policy | LogRhythm Default |
Exceptions | N/A |
Additional Information |
Prerequisites
Documentation Link :
Supported Log Messages
(List of LR Tags used to parse the log information for each message type)
Type | Product Version | Supported Schema Fields |
|---|---|---|
| Catch All : Level 1 | N/A | <tag1>, <severity> |
| Catch All : Level 4 | N/A | <severity>, <login>, <dname>, <dip>, <sip>, <snatip>, <url>, <objectname>, <object>, <protname>, <size>, <vmid> |
| DNS Message | N/A | <severity>, <login>, <domainorigin>,<action>, <resut>, <policy>, <url>, <snatip>, <responsecode>, <tag1>, <object>, <dport>, <sip>, <dip> |
| General Firewall Messages | N/A | <severity>, <login>, <domainorigin>, <group>, <sport>, <dport>, <sip>, <sinterface>, <dinterface>, <dip>, <tag1>, <action>, <protname>, <vendorinfo>, <bytesin>, <bytesout>, <milliseconds>, <threatname> |
| Last Message Repeated | N/A | <severity>, <dname>, <subject>, <quantity>, <url>, <protname>, <responsecode> |
| Network Traffic | N/A | <login>, <domainimpacted>, <dip>, <sip>, <snatip>, <dport>, <url>, <useragent>, <object>, <subject>, <protname>, <Action>, <tag1>, <reason>, <parentprocessname>, <objecttype>, <bytesout>, <bytesin>, <size>, <status>, <threatname>, <hash>, <severity>, <sinterface>, <command>, <responsecode>, <policy>, <session>, <tag2>, <group>, <vendorinfo> |
| Tunnel Messages | N/A | <severity>, <vendorinfo>, <protname>, <login>, <domainorigin>, <sip>, <dip>, <sport>, <bytesout>, <bytesin>, <subject> |
| Zscalar General Network Traffic Messages | N/A | <severity>, <protname>, <url>, <action>, <bytesin>, <bytesout>, <reason>, <dip>, <sip>, <tag1>, <command>, <tag2>, <responsecode>, <useragent> |
Revision History
KB Version | Log Type | Change Type | Details |
|---|---|---|---|
| KB 7.1.588.0 | Syslog | Documentation | Created documenation |