Skip to main content
All CollectionsTemplatesIntermediate
Add and Remove URLs from the Global Blacklist (Zscaler) - Workflow Template
Add and Remove URLs from the Global Blacklist (Zscaler) - Workflow Template

Triggers from Slack message for check url or remove url for the Global Blacklist for Zscaler. On a check url, the URL category is provided.

Updated over a week ago

This workflow template automates the process of managing URLs on the Global Blacklist in Zscaler via Slack commands. Users can easily check URL categories or remove URLs from the blacklist. It streamlines network security operations by filtering for unique URLs, categorizing them, and updating the global blacklist based on approval – all through Slack interactions. This efficient system facilitates quick response to security alerts and maintains the integrity of network access policies.

Trigger

Slack

Optional Triggers

Webhook,"Microsoft Teams",Webex

Use Cases

Remediate Network Security Alerts

Workflow Breakdown

  1. Receive a trigger from Slack for either check url or remove url

  2. Filter for unique URLs and provide the hostname.domain name for the blacklist

  3. If check url, the URL's are looked up to the current categories, and if approved added to the global blacklist

  4. If remove url, the URL's are removed from the global blacklist if approved

  5. After either operation, the user is asked if they would like to review the current blacklist

Vendors

Slack, Utils, Zscaler Internet Access

Workflow Output

Success/Failure via Slack

Tips

Modify the Slack command based on the filter for the trigger","Multiple URLs can be sent in one command to the workflow

Did this answer your question?