Skip to content

Configure Zscaler to send CEF messages

On the Zscaler appliance you need to set these values so that the appliance sends the necessary logs in the necessary format to the LogSentinel Collector.

  • Protocol = TCP
  • Port = 2514
  • Format = CEF
  • IP address - the IP address of the LogSentinel Collector


This solution supports Syslog RFC 3164 or RFC 5424.


Make sure that all firewalls (including the firewall on the collector machine) allow connections to the collector port