Alerting
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Ask a Question

CheckPoint Firewall Block APP

dteixeira98
Engager
‎09-17-2021 03:09 AM

Hi everyone,

so I´m using CheckPoint Firewall Block app to block some ip's. 
If I try to block them manually like this:

dteixeira98_0-1631872888694.png

I'm getting this:

dteixeira98_1-1631872967103.png

The IP is being blocked.

However, when I'm configuring an alert condition to block it automatically :

dteixeira98_2-1631873145460.png

I get this:

dteixeira98_5-1631873289142.png

so, the IP is not being blocked.

 

Someone had the same problem and know how to solve it?

Labels (2)
Labels
0 Karma
Reply
Get Updates on the Splunk Community!

Infographic provides the TL;DR for the 2024 Splunk Career Impact Report

We’ve been buzzing with excitement about the recent validation of Splunk Education! The 2024 Splunk Career ...

Enterprise Security Content Update (ESCU) | New Releases

In December, the Splunk Threat Research Team had 1 release of new security content via the Enterprise Security ...

Why am I not seeing the finding in Splunk Enterprise Security Analyst Queue?

(This is the first of a series of 2 blogs). Splunk Enterprise Security is a fantastic tool that offers robust ...