https://community.splunk.com/t5/Getting-Data-In/Firewall-checkpoint-for-windows-8/m-p/68886#M13927 <P>I don't think you can using the Splunk-supplied OPSEC LEA for CheckPoint app as it only works under Linux or Solaris. You'd need a separate Linux or Solaris Splunk instance running the Checkpoint app and forward the logs to your Windows Splunk instance. I use this setup and it works ok.</P> <P>If you can't run an instance on anything but Windows for some reason, then the solution outlined in <A href="http://splunk-base.splunk.com/answers/8041/checkpoint-with-splunk-on-windows">this post</A> might help. I've not tried this method, though, so I can't comment on how well it works.</P> Mon, 24 Sep 2012 21:32:47 GMT pajohnston 2012-09-24T21:32:47Z https://community.splunk.com/t5/Getting-Data-In/Firewall-checkpoint-for-windows-8/m-p/68885#M13926 <P>Is it possible to index Check Point firewall logs in Splunk for windows?</P> Mon, 24 Sep 2012 21:10:25 GMT https://community.splunk.com/t5/Getting-Data-In/Firewall-checkpoint-for-windows-8/m-p/68885#M13926 christinmb 2012-09-24T21:10:25Z https://community.splunk.com/t5/Getting-Data-In/Firewall-checkpoint-for-windows-8/m-p/68886#M13927 <P>I don't think you can using the Splunk-supplied OPSEC LEA for CheckPoint app as it only works under Linux or Solaris. You'd need a separate Linux or Solaris Splunk instance running the Checkpoint app and forward the logs to your Windows Splunk instance. I use this setup and it works ok.</P> <P>If you can't run an instance on anything but Windows for some reason, then the solution outlined in <A href="http://splunk-base.splunk.com/answers/8041/checkpoint-with-splunk-on-windows">this post</A> might help. I've not tried this method, though, so I can't comment on how well it works.</P> Mon, 24 Sep 2012 21:32:47 GMT https://community.splunk.com/t5/Getting-Data-In/Firewall-checkpoint-for-windows-8/m-p/68886#M13927 pajohnston 2012-09-24T21:32:47Z https://community.splunk.com/t5/Getting-Data-In/Firewall-checkpoint-for-windows-8/m-p/68887#M13928 <P>If you are looking for a simplified solution I suggest you try the follow Add-ON.</P> <P><A href="https://splunkbase.splunk.com/app/2996/">https://splunkbase.splunk.com/app/2996/</A></P> <P>This add-on collect firewall logs in syslog format and extracts all the necessary fields. You can use any other Check Point App on top of this Add-on.</P> Tue, 05 Jan 2016 07:45:17 GMT https://community.splunk.com/t5/Getting-Data-In/Firewall-checkpoint-for-windows-8/m-p/68887#M13928 ashokqos 2016-01-05T07:45:17Z