New here, so apologies if this has been asked before. Has anyone integrated their stack with Zscaler's Nanolog or NSS service for SIEM? If so, is there any Beats advice for connectivity, normalisation or community rules?
Zscaler's website talks a lot about integrations with Splunk, QRadar, Sumo Logic etc., but I cannot find anything on there regarding whether it is just a syslog forwarder or something specific that is needed.
Any help is really appreciated.