Zscaler

Version: 2.0.19

Zscaler is a global cloud-based information security company that provides Internet security, web security, firewalls, sandboxing, SSL inspection, antivirus, vulnerability management and granular control of user activity in cloud computing, mobile and Internet of Things environments. Zscaler provides a cloud-based approach to security as a service.

Connect Zscaler with LogicHub

  1. Navigate to Automations > Integrations.
  2. Search for Zscaler.
  3. Click Details, then the + icon. Enter the required information in the following fields.
    • Label: Enter a connection name.
    • Reference Values: Define variables here to templatize integration connections and actions. For example, you can use https://www.{{hostname}}.com where, hostname is a variable defined in this input. For more information on how to add data, see 'Add Data' Input Type for Integrations.
    • Verify SSL: Select option to verify connecting server's SSL certificate (Default is Verify SSL Certificate).
    • Remote Agent: Run this integration using the LogicHub Remote Agent.
    • Base URI: base URI for the API provisioned for your organization.
    • Username: must be your user name.
    • Password: must be your password.
    • API Key: API key for Zscaler
  4. After you've entered all the details, click Connect.

Actions for Zscaler

Blacklist Add

Add URL/IP to Blacklist. [Max 25000]

Input Field

Choose a connection that you have previously created and then fill in the necessary information in the following input fields to complete the connection.

Input Name

Description

Required

url_column_name

Column name from parent table containing url/ip to add.

Required

Output

A JSON object containing multiple rows of result:

  • has_error: True/False
  • error: message/null
  • result: success or "Activation of configuration changes failed."

Blacklist Remove

Remove URL/IP from Blacklist

Input Field

Input Name

Description

Required

url_column_name

Column name from parent table containing url/ip to remove.

Required

Output

A JSON object containing multiple rows of result:

  • has_error: True/False
  • error: message/null
  • result: success or "Activation of configuration changes failed."

URL/IP Lookup

Looks up the categorization of a given URL/IP

Input Field

Input Name

Description

Required

url_column_name

Column name from parent table containing url/ip to lookup.

Required

Output

A JSON object containing multiple rows of result:

  • has_error: True/False
  • error: message/null
  • result: json object containing url categorisation result from Zscaler

Whitelist Add

Add URL/IP to Whitelist

Input Field

Input Name

Description

Required

url_column_name

Column name from parent table containing url/ip to add.

Required

Output

A JSON object containing multiple rows of result:

  • has_error: True/False
  • error: message/null
  • result: "Successfully added to the whitelist." or "Cannot add to the whitelist." or "Activation of configuration changes failed."

Whitelist Remove

Remove URL/IP from Whitelist

Input Field

Input Name

Description

Required

url_column_name

Column name from parent table containing url/ip to remove.

Required

Output

A JSON object containing multiple rows of result:

  • has_error: True/False
  • error: message/null
  • result: "Successfully removed from the whitelist." or "Cannot remove from the whitelist." or "Activation of configuration changes failed."

Sandbox Report of File

Report of an md5 file analyzed by Sandbox.

Input Field

Input Name

Description

Required

file_column_name

Column name from parent table containing md5 file hash.

Required

Report_type

Full or summary.

Required

Output

A JSON object containing multiple rows of result:

  • has_error: True/False
  • error: message/null
  • result: json object containing report from Zscaler

Get URL Categories

Gets information about all or custom URL categories.
Note: This action will not produce a correlated response and columns from parentTable will be dropped.

Input Field

Choose a connection that you have previously created and then fill in the necessary information in the following input fields to complete the connection.

Input Name

Description

Required

Custom Categories

Yes/No. Select 'Yes' to get only custom URL categories. Default 'Yes'.

Optional

Output of Action
A JSON object containing multiple rows of result:

  • has_error: True/False
  • error: message/null
  • result: json object containing URLCategories from Zscaler

Add URL/IP/Hostname to Category

Adds a URL/IP/Hostname to the Category

Input Field

Input Name

Description

Required

URL/IP/Hostname Column name

Column name from the parent table to lookup URLs/IPs/Hostname to add.

Required

Category ID Column name

Column name from the parent table to lookup value for Category ID.

Required

Output

A JSON object containing multiple rows of result:

  • has_error: True/False
  • error: message/null
  • result: string “Successfully added”

Remove URL/IP/Hostname from Category

Removes a URL/IP/Hostname from the Category provided.

Input Field

Choose a connection that you have previously created and then fill in the necessary information in the following input fields to complete the connection.

Input Name

Description

Required

URL/IP/Hostname Column name

Column name from the parent table to lookup URLs/IPs/Hostname to remove.

Required

Category ID Column name

Column name from the parent table to lookup value for Category ID.

Required

Output

A JSON object containing multiple rows of result:

  • has_error: True/False
  • error: message/null
  • result: string “Successfully removed”

Get White-listed URLs

Gets a list of whitelisted URLs.

Input Field

Choose a connection that you have previously created to complete the connection.

Output

Returns a list of JSONs, each containing the items listed below.

  • Error: In case an error occurs, it description else NULL.
  • has_error: Boolean flag, tells whether an error occurred or not.
  • URL: Url or Ip of white-listed URLs.

Get Black-listed URLs

Gets a list of black-listed URLs.

Input Field

Choose a connection that you have previously created to complete the connection.

Output

Returns a list of JSONs, each containing the items listed below.

  • Error: In case an error occurs, it description else NULL.
  • has_error : Boolean flag, tells whether an error occurred or not.
  • URL: Url or Ip of black-listed URLs.

Get URL Quota

Gets information on the number of unique URLs that are currently provisioned for your organization as well as how many URLs you can add before reaching that number.

Input Field

Choose a connection that you have previously created to complete the connection.

Output

Returns a list of JSONs, each containing the items listed below.

  • Error: In case an error occurs, it description else NULL.
  • has_error: Boolean flag, tells whether an error occurred or not.
  • uniqueUrlsProvisioned: Number of unique URLs provisioned for your organization.
  • remainingUrlsQuota: Number of unique URLs that you can still add.
{
  "uniqueUrlsProvisioned": 24004,
  "remainingUrlsQuota": 996,
  "error": null,
  "has_error": false
}

Did this page help you?