Configure Zscaler to send CEF messages¶
On the Zscaler appliance you need to set these values so that the appliance sends the necessary logs in the necessary format to the LogSentinel Collector.
- Protocol = TCP
- Port = 514
- Format = CEF
- IP address - the IP address of the LogSentinel Collector
Note
This solution supports Syslog RFC 3164 or RFC 5424.