Skip to main content

Zoom

Thumbnail icon

Zoom unifies cloud video and audio conferencing, simple online meetings, and group messaging into one easy-to-use platform. The cloud platform facilitates collaboration across mobile devices, desktops, telephones, and room systems for an online meeting space you can depend on. Zoom allows you to stay connected wherever you go with face-to-face video, high quality screen sharing, and instant messaging.

The Sumo Logic app for Zoom provides visibility into how Zoom is being used across your organization, displaying analytics on performance, availability, security, and user activity. The app aggregates and reports on data so you can correlate and investigate trends and respond to incidents across all of your IT tools in a consistent and timely manner.

Log types

Zoom uses Webhook events, that are documented in full on this Zoom web page.

The Webhook events are grouped into the following core event types:

  • Meeting Events
  • Webinar Events
  • Recording Events
  • Zoom Room Events
  • User Events
  • Account Events

Sample log messages

{
	"event":"meeting.participant_left",
	"payload":"▼"{
		"account_id":"eSqnB7aCS0KKx0_adadb1HQ",
		"object":"▼"{
			"duration":60,
			"start_time":"2020-04-01T19:24:06Z",
			"timezone":"America/Denver",
			"topic":"My Meeting",
			"id":"981802874",
			"type":2,
			"uuid":"/m84vL38R3exBtjhvdWxMad==",
			"participant":"▼"{
				"leave_time":"2020-04-01T19:24:20Z",
				"id":"FDGHUPeiSZGAa6pmYTlpiA",
				"user_id":"16778240",
				"user_name":"Test User"
			},
			"host_id":"FDGHUPeiSZADa6pmYTlpiA"
		}
	}
}

Sample queries

_sourceCategory=zoom
| json "event", "payload.object.start_time", "payload.object.topic", "payload.object.uuid", "payload.object.id", "payload.object.type", "payload.object.duration" as event, meeting_start_time, topic, meeting_instance_id, meeting_number, meeting_type, meeting_duration nodrop
| where event = "meeting.started"
| "Unknown" as meeting_type_desc
| if (meeting_type == 1, "Instant Meeting", meeting_type_desc) as meeting_type_desc
| if (meeting_type == 2, "Scheduled Meeting", meeting_type_desc) as meeting_type_desc
| if (meeting_type == 3, "Recurring Meeting with No Fixed Time", meeting_type_desc) as meeting_type_desc
| if (meeting_type == 4, "Meeting started with Personal Meeting ID", meeting_type_desc) as meeting_type_desc
| if (meeting_type == 8, "Recurring Meeting with Fixed Time", meeting_type_desc) as meeting_type_desc
| count by meeting_instance_id
| count

Set up collection

Follow the instructions for setting up HTTP Integration for Zoom source and use the same source category while installing the app.

Installing the Zoom app

To install the app, do the following:

note

Next-Gen App: To install or update the app, you must be an account administrator or a user with Manage Apps, Manage Monitors, Manage Fields, Manage Metric Rules, and Manage Collectors capabilities depending upon the different content types part of the app.

  1. Select App Catalog.
  2. In the 🔎 Search Apps field, run a search for your desired app, then select it.
  3. Click Install App.
    note

    Sometimes this button says Add Integration.

  4. Click Next in the Setup Data section.
  5. In the Configure section of your respective app, complete the following fields.
    1. Field Name. If you already have collectors and sources set up, select the configured metadata field name (eg _sourcecategory) or specify other custom metadata (eg: _collector) along with its metadata Field Value.
  6. Click Next. You will be redirected to the Preview & Done section.

Post-installation

Once your app is installed, it will appear in your Installed Apps folder, and dashboard panels will start to fill automatically.

Each panel slowly fills with data matching the time range query received since the panel was created. Results will not immediately be available but will be updated with full graphs and charts over time.

Viewing Zoom dashboards

All dashboards have a set of filters that you can apply to the entire dashboard. Use these filters to drill down and examine the data to a granular level.

  • You can change the time range for a dashboard or panel by selecting a predefined interval from a drop-down list, choosing a recently used time range, or specifying custom dates and times. Learn more.
  • You can use template variables to drill down and examine the data on a granular level. For more information, see Filtering Dashboards with Template Variables.
  • Most Next-Gen apps allow you to provide the scope at the installation time and are comprised of a key (_sourceCategory by default) and a default value for this key. Based on your input, the app dashboards will be parameterized with a dashboard variable, allowing you to change the dataset queried by all panels. This eliminates the need to create multiple copies of the same dashboard with different queries.

Overview

The Zoom - Overview dashboard provides an at-a-glance view of the state of your Zoom environment in terms of reliability, performance, user activity, and security by reporting on meetings, hosts, webinars, alerts and guest activity.

Use this dashboard to:

  • Quickly identify and investigate Zoom issues your organization has been experiencing.
  • Identify frequently used meeting-ids to prevent Zoom bombing.
  • Assess the number of people in and out of your organization who are using Zoom and their level of activity.
Zoom dashboards

Availability

The Zoom - Availability dashboard provides insights into meeting, webinar, and Zoom room alerts in your environment. A meeting alert event is triggered when a service issue is encountered during a meeting and a Zoom Room alert event is triggered when there is an issue related to a Zoom Room.

Use this dashboard to:

  • Quickly identify meeting issues such as unstable audio and video connections, and poor screen sharing quality.
  • Quickly identify issues in a Zoom Room device such as low battery or connection issues.
Zoom dashboards

User Activity

The Zoom - User Activity dashboard provides visibility into Zoom user presence and their activities. Panels display user trends, setting preferences, recording and screen sharing comparisons, as well as chat message details.

Use this dashboard to:

  • Identify how users choose to appear in Zoom meetings Identify user setting changes.
  • Determine the types of recordings most frequently used and the size of files generated to assess current resources and plan for growth.
  • Analyze types of content shared during collaboration.
Zoom dashboards

Guest Activity

The Zoom - Guest Activity dashboard provides visibility into the Zoom guest users, their activities, and trends. Panels also display detailed information on screen sharing with guest participants, meetings with regular guests, and those with the most guest participants.

Use this dashboard to:

  • Monitor overall guest activity to assess resources.
  • Determine the meeting topics that attracted the most guest participants.
  • Identify which hosts had the most guest participants.
Zoom dashboards

Zoom - Administrator Activity

The Zoom - Administrator Activity dashboard provides insights into Administrative trends, user account activities, and user account trends.

Use this dashboard to:

  • Audit activity by administrators.
  • Quickly identify recent account and user changes.
  • Monitor administrator activity trends to identify how to best optimize for the future.
Zoom dashboards

Meeting Usage

The Zoom - Meeting Usage dashboard provides visibility into the number and types of Zoom meetings conducted, along with the hosts and participants of those meetings. Panels display meeting trends, as well as details on frequently used meeting numbers and hosts who have personal meeting rooms.

Use this dashboard to:

  • Determine the level of collaboration occurring in your organization.
  • Monitor behavioral trends around how meetings are created, meeting duration, and how often meetings end of time to plan for and allocate required resources.
Zoom dashboards

Authentication

The Zoom - Authentication dashboard provides an insight into the number and type of logins, trends, and Zoom clients and devices used.

Use this dashboard to:

  • Quickly identify types of devices and Zoom clients used to ensure users are not running vulnerable clients.
  • Determine highest activity times for Zoom activity and collaboration and plan accordingly.
Zoom dashboards

Meeting Security

The Zoom - Meeting Security dashboard provides visibility into meeting security as it relates to frequently used meeting-id’s and personal meeting rooms, as well as monitor when meetings are updated in a way that don’t conform to security best practices.

Use this dashboard to:

  • Identify frequently used meeting-ids and personal meetings rooms being used to prevent Zoom bombing.
  • Quickly identify which meetings are being updated to bypass security best practices.
Zoom dashboards

Webinars

The Zoom - Webinars dashboard provides visibility into the number and types of webinars, the participants, and trends. Panels also provide details on webinar authentications and comparisons of registered participants and those who actually participate.

Use this dashboard to:

  • Determine the number and types of webinars and the participants who joined.
  • Identify interest level, participation and assess the success of the webinars.
Zoom dashboards

Upgrade/Downgrade the Zoom app (Optional)

To update the app, do the following:

note

Next-Gen App: To install or update the app, you must be an account administrator or a user with Manage Apps, Manage Monitors, Manage Fields, Manage Metric Rules, and Manage Collectors capabilities depending upon the different content types part of the app.

  1. Select App Catalog.
  2. In the Search Apps field, search for and then select your app.
    Optionally, you can identify apps that can be upgraded in the Upgrade available section.
  3. To upgrade the app, select Upgrade from the Manage dropdown.
    1. If the upgrade does not have any configuration or property changes, you will be redirected to the Preview & Done section.
    2. If the upgrade has any configuration or property changes, you will be redirected to the Setup Data page.
    3. In the Configure section of your respective app, complete the following fields.
      1. Field Name. If you already have collectors and sources set up, select the configured metadata field name (eg _sourcecategory) or specify other custom metadata (eg: _collector) along with its metadata Field Value.
    4. Click Next. You will be redirected to the Preview & Done section.

Post-update

Your upgraded app will be installed in the Installed Apps folder and dashboard panels will start to fill automatically.

note

See our Release Notes changelog for new updates in the app.

To revert the app to a previous version, do the following:

  1. Select App Catalog.
  2. In the Search Apps field, search for and then select your app.
  3. To version down the app, select Revert to < previous version of your app > from the Manage dropdown.

Uninstalling the Zoom app (Optional)

To uninstall the app, do the following:

  1. Select App Catalog.
  2. In the 🔎 Search Apps field, run a search for your desired app, then select it.
  3. Click Uninstall.
Status
Legal
Privacy Statement
Terms of Use

Copyright © 2025 by Sumo Logic, Inc.