zscaler-insights
$
npx mdskill add automateyournetwork/netclaw/zscaler-insightsAccess Zscaler security data for threat intelligence and analytics
- Provides visibility into security events, threats, and anomalies
- Uses Zscaler OneAPI to retrieve threat intelligence and event data
- Analyzes traffic patterns and security events to identify risks
- Returns structured data and insights for security monitoring and reporting
SKILL.md
.github/skills/zscaler-insightsView on GitHub ↗
--- name: zscaler-insights description: "Access analytics, threat intelligence, and security event data." version: 1.0.0 license: Apache-2.0 author: netclaw tags: [] --- # Zscaler Insights Skill Access analytics, threat intelligence, and security event data. ## Tools | Tool | Description | |------|-------------| | `get_threat_intelligence` | Get threat intelligence data | | `list_security_events` | List security events | | `get_security_event` | Get security event details | | `list_blocked_threats` | List blocked threats | | `get_blocked_threat` | Get blocked threat details | | `get_traffic_analytics` | Get traffic analytics | | `list_anomalies` | List detected anomalies | | `get_anomaly` | Get anomaly details | | `list_sandbox_reports` | List sandbox analysis reports | | `get_sandbox_report` | Get sandbox report details | | `get_risk_score` | Get organizational risk score | | `list_top_threats` | List top threats by category | | `get_compliance_status` | Get compliance posture | ## Example Queries ``` Show security events from the last hour What threats were blocked today? Get threat intelligence for IP 1.2.3.4 Show traffic anomalies detected this week List sandbox reports for suspicious files ``` ## Prerequisites - `ZSCALER_CLIENT_ID` OneAPI client ID - `ZSCALER_CLIENT_SECRET` OneAPI client secret - `ZSCALER_CUSTOMER_ID` Customer/tenant ID - `ZSCALER_VANITY_DOMAIN` Vanity domain - `ZSCALER_MCP_SERVICES` must include `zinsights` ## Server This skill uses the `zscaler-mcp` server which connects to Z-Insights via OneAPI.
More from automateyournetwork/netclaw
- aap-automationRed Hat Ansible Automation Platform — inventory management, job template execution, project SCM sync, ad-hoc commands, host management, Galaxy content discovery. Use when automating infrastructure with Ansible, running playbooks, managing inventories, or searching for Ansible collections and roles.
- aap-edaEvent-Driven Ansible (EDA) — activation lifecycle, rulebook management, decision environments, event stream monitoring. Use when managing event-driven automation triggers, enabling/disabling activations, or reviewing EDA rulebooks.
- aap-lintansible-lint playbook and role validation — syntax checking, best practice enforcement, project-wide analysis, rule filtering. Use when validating Ansible playbooks, checking code quality, or enforcing automation best practices before deployment.
- aci-change-deploySafe ACI policy change deployment - ServiceNow CR lifecycle, pre/post-change fault baselines, APIC policy application, automatic rollback on fault delta, and GAIT audit trail. Use when deploying ACI policy changes, creating tenants or EPGs, pushing config to APIC, or running a change window with rollback protection.
- aci-fabric-auditComprehensive Cisco ACI fabric health audit - node status, tenant/VRF/BD/EPG policy review, contract analysis, fault triage, and endpoint learning verification. Use when auditing ACI fabric health, checking for faults, reviewing tenant policies, or running pre/post-change baselines on APIC.
- arista-cvpArista CloudVision Portal (CVP) automation via REST API — device inventory, events, connectivity monitoring, tag management (4 tools). Use when managing Arista devices, checking CloudVision events, monitoring network connectivity probes, or tagging devices in CVP.
- aruba-cx-configView and manage Aruba CX switch configurations, perform ISSU upgrades, and firmware operations
- aruba-cx-interfacesMonitor Aruba CX switch interface status, LLDP neighbors, and optical transceiver health
- aruba-cx-switchingView and manage Aruba CX switch VLANs and MAC address tables for Layer 2 operations
- aruba-cx-systemDiscover Aruba CX switch system information, firmware versions, and VSF topology