
CCX Zscaler Products Extensions

About Us: CyberCX is Australia's greatest force of cyber security experts. Our highly skilled professional services team operates a 24x7 on-shore security operations centre (SOC) servicing corporate and public sector organisations across Australia and New Zealand, specialising in Security Operations services leveraging Splunk.

Description: The CCX Zscaler Products Extensions looks to provide a single field extraction bundle for Zscaler logs. This TA was built using a large dataset and endeavours to be the most CIM compliant comprehensive field extraction TA available for Zscaler. Fully compatible with Splunk Enterprise and Splunk Cloud, built by an Ops team for Ops teams.

CCX Zscaler Products Extensions currently supports the following products:
- Zscaler_ZPA
- Zscaler_ZIA_Firewall
- Zscaler_ZIA_Proxy

Features:
- This TA currently supports logtypes tagged under the following CIM datamodels: Authentication, DLP, IDS, Malware, Network Session, Network Traffic, and Web.

CCX Zscaler Products Extensions provides additional CIM field coverage and tagging to the following sourcetypes:
- zscalerlss-zpa-app
- zscalerlss-zpa-auth
- zscalerlss-zpa-bba
- zscalerlss-zpa-connector
- zscalerlss-zpa-dns
- zscalernss-fw
- zscalerapi-zia-sandbox
- zscalernss-web

Built by Matthew Orme

Latest Version 1.0.0
August 22, 2024
Compatibility
Not Available
Platform Version: 9.4, 9.3, 9.2, 9.1
CIM Version: 5.x
Support
Developer Supported addon


Created By

Matthew Orme

Type

addon

Downloads

101
