Zscaler
Version: 3.0.0
Zscaler is a global cloud-based information security company that provides Internet security, web security, firewalls, sandboxing, SSL inspection, antivirus, vulnerability management and granular control of user activity in cloud computing, mobile and Internet of Things environments. Zscaler provides a cloud-based approach to security as a service.
Connect Zscaler with LogicHub
- Navigate to Automations > Integrations.
- Search for Zscaler.
- Click Details, then the + icon. Enter the required information in the following fields.
- Label: Enter a connection name.
- Reference Values: Define variables here to templatize integration connections and actions. For example, you can use https://www.{{hostname}}.com where, hostname is a variable defined in this input. For more information on how to add data, see 'Add Data' Input Type for Integrations.
- Verify SSL: Select option to verify connecting server's SSL certificate (Default is Verify SSL Certificate).
- Remote Agent: Run this integration using the LogicHub Remote Agent.
- Base URI: base URI for the API provisioned for your organization.
- Username: must be your user name.
- Password: must be your password.
- API Key: API key for Zscaler
- After you've entered all the details, click Connect.
Actions for Zscaler
Blacklist Add
Add URL/IP to Blacklist. [Max 25000]
Input Field
Choose a connection that you have previously created and then fill in the necessary information in the following input fields to complete the connection.
| Input Name | Description | Required |
|---|---|---|
| url_column_name | Column name from parent table containing url/ip to add. | Required |
Output
A JSON object containing multiple rows of result:
- has_error: True/False
- error: message/null
- result: success or "Activation of configuration changes failed."
Blacklist Remove
Remove URL/IP from Blacklist
Input Field
| Input Name | Description | Required |
|---|---|---|
| url_column_name | Column name from parent table containing url/ip to remove. | Required |
Output
A JSON object containing multiple rows of result:
- has_error: True/False
- error: message/null
- result: success or "Activation of configuration changes failed."
URL/IP Lookup
Looks up the categorization of a given URL/IP
Input Field
| Input Name | Description | Required |
|---|---|---|
| url_column_name | Column name from parent table containing url/ip to lookup. | Required |
Output
A JSON object containing multiple rows of result:
- has_error: True/False
- error: message/null
- result: json object containing url categorisation result from Zscaler
Whitelist Add
Add URL/IP to Whitelist
Input Field
| Input Name | Description | Required |
|---|---|---|
| url_column_name | Column name from parent table containing url/ip to add. | Required |
Output
A JSON object containing multiple rows of result:
- has_error: True/False
- error: message/null
- result: "Successfully added to the whitelist." or "Cannot add to the whitelist." or "Activation of configuration changes failed."
Whitelist Remove
Remove URL/IP from Whitelist
Input Field
| Input Name | Description | Required |
|---|---|---|
| url_column_name | Column name from parent table containing url/ip to remove. | Required |
Output
A JSON object containing multiple rows of result:
- has_error: True/False
- error: message/null
- result: "Successfully removed from the whitelist." or "Cannot remove from the whitelist." or "Activation of configuration changes failed."
Sandbox Report of File
Report of an md5 file analyzed by Sandbox.
Input Field
| Input Name | Description | Required |
|---|---|---|
| file_column_name | Column name from parent table containing md5 file hash. | Required |
| Report_type | Full or summary. | Required |
Output
A JSON object containing multiple rows of result:
- has_error: True/False
- error: message/null
- result: json object containing report from Zscaler
Get URL Categories
Gets information about all or custom URL categories.
Note: This action will not produce a correlated response and columns from parentTable will be dropped.
Input Field
Choose a connection that you have previously created and then fill in the necessary information in the following input fields to complete the connection.
| Input Name | Description | Required |
|---|---|---|
| Custom Categories | Yes/No. Select 'Yes' to get only custom URL categories. Default 'Yes'. | Optional |
Output of Action
A JSON object containing multiple rows of result:
- has_error: True/False
- error: message/null
- result: json object containing URLCategories from Zscaler
Add URL/IP/Hostname to Category
Adds a URL/IP/Hostname to the Category
Input Field
| Input Name | Description | Required |
|---|---|---|
| URL/IP/Hostname Column name | Column name from the parent table to lookup URLs/IPs/Hostname to add. | Required |
| Category ID Column name | Column name from the parent table to lookup value for Category ID. | Required |
Output
A JSON object containing multiple rows of result:
- has_error: True/False
- error: message/null
- result: string “Successfully added”
Remove URL/IP/Hostname from Category
Removes a URL/IP/Hostname from the Category provided.
Input Field
Choose a connection that you have previously created and then fill in the necessary information in the following input fields to complete the connection.
| Input Name | Description | Required |
|---|---|---|
| URL/IP/Hostname Column name | Column name from the parent table to lookup URLs/IPs/Hostname to remove. | Required |
| Category ID Column name | Column name from the parent table to lookup value for Category ID. | Required |
Output
A JSON object containing multiple rows of result:
- has_error: True/False
- error: message/null
- result: string “Successfully removed”
Get White-listed URLs
Gets a list of whitelisted URLs.
Input Field
Choose a connection that you have previously created to complete the connection.
Output
Returns a list of JSONs, each containing the items listed below.
- Error: In case an error occurs, it description else NULL.
- has_error: Boolean flag, tells whether an error occurred or not.
- URL: Url or Ip of white-listed URLs.
Get Black-listed URLs
Gets a list of black-listed URLs.
Input Field
Choose a connection that you have previously created to complete the connection.
Output
Returns a list of JSONs, each containing the items listed below.
- Error: In case an error occurs, it description else NULL.
- has_error : Boolean flag, tells whether an error occurred or not.
- URL: Url or Ip of black-listed URLs.
Get URL Quota
Gets information on the number of unique URLs that are currently provisioned for your organization as well as how many URLs you can add before reaching that number.
Input Field
Choose a connection that you have previously created to complete the connection.
Output
Returns a list of JSONs, each containing the items listed below.
- Error: In case an error occurs, it description else NULL.
- has_error: Boolean flag, tells whether an error occurred or not.
- uniqueUrlsProvisioned: Number of unique URLs provisioned for your organization.
- remainingUrlsQuota: Number of unique URLs that you can still add.
{
"uniqueUrlsProvisioned": 24004,
"remainingUrlsQuota": 996,
"error": null,
"has_error": false
}
Release Notes
v3.0.0- Updated architecture to support IO via filesystem
Updated about 1 year ago