Zscaler Private Access

Experience the power of CompassOne

Get a Demo

Integrate. Simplify. Protect.

Collect and store Zscaler Private Access (ZPA) User Activity logs while increasing CompassOne’s threat detection capabilities and gaining visibility into who is accessing your private applications, from where, and when. With OCSF field mapping, advanced search, and 12 months of included storage, this integration strengthens both your Zero Trust posture and your compliance coverage.

Zscaler Private Access + CompassOne Overview

01Capture private application access activity

Forward User Activity logs from Zscaler Private Access into CompassOne via syslog—including connection events, application access records, user identity, and policy decisions—all indexed, mapped to OCSF, and ready for search and analysis.

02Increase threat detection capabilities

Zscaler Private Access User Activity logs provide additional telemetry that increases Blackpoint’s ability to detect threats, such as anomalous access patterns, connections from unexpected locations, and unusual data transfer volumes, and support security investigations across your environment.

03Support Zero Trust compliance and audits

Retain a normalized record of private application access, policy enforcement, and connection activity to meet regulatory standards, satisfy cyber insurance requirements, and support audit cycles.

04Targeted log search

Search Zscaler Private Access events using time and field filters, keyword matching, and advanced query syntax to pinpoint exactly what you need during access reviews, audits, or incident investigations.

05Standardized schema for consistency

CompassOne maps Zscaler Private Access logs to the Open Cybersecurity Schema Framework (OCSF), making them structured, searchable by field, and compatible with third-party tools for parsing, visualization, and analysis.

06Included storage with flexible retention

Get 12 months of Zscaler Private Access log storage at no additional cost. Longer retention is available at a predictable monthly rate.

07Up and running quickly

Configure a Log Receiver in Zscaler’s Log Streaming Service (LSS) to forward User Activity logs to the Blackpoint Agent, and Zscaler Private Access connection data starts flowing into CompassOne.

See how CompassOne brings your Zscaler Private Access logs and security together.

Get a Demo

Experience the power of CompassOne

Get a Demo

Details

  • Categories

    Network Security

  • Integration Type

    Syslog via Blackpoint Agent

  • Time to Integrate

    10 minutes

  • Support Resources

    Partner Support Article

  • Integrated Data

    • Collect and store Zscaler Private Access User Activity logs, including connection events, application access records, and policy enforcement data
    • Logs are mapped to OCSF and searchable by field, keyword, and timestamp

  • Additional Benefits

    • Increases CompassOne threat detection capabilities
    • Advanced log search with field filters and query syntax
    • One-year complementary log storage
    • Predictable, fixed pricing