Join the Conversation
- Find Answers
- :
- Apps & Add-ons
- :
- All Apps and Add-ons
- :
- All Apps and Add-ons
- :
- Collect log from CheckPoint OPSEC Lea to Splunk En...
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark Topic
- Subscribe to Topic
- Mute Topic
- Printer Friendly Page
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Collect log from CheckPoint OPSEC Lea to Splunk Enterprise install on Windows OS
Hi
How can i collect the CheckPoint OPSEC Lea on Splunk Enterprise that install on Windows OS?
Because this guide (https://docs.splunk.com/Documentation/AddOns/released/OPSEC-LEA/Hardwareandsoftwarerequirements) only support on Linux OS.
Thank you
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hello @mindterrian
As per the above document, the add-on supports on Linux in case if you are using Universal Forwarder to collect data.
If you are using any other component like search head or indexer , they can be on any platform.
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hello @vishaltaneja07011993
My environment is
Splunk Enterprise (Single Instance) install on Windows Werver 2012 R2 and install Splunk Add-on for Check Point OPSEC LEA already.
I can use this Splunk Server to collect log from Check Point via add parameter on Splunk Add-on for Check Point OPSEC LEA right?
Or i need to install Universal forwarder on Linux OS and install Splunk Add-on for Check Point OPSEC LEA after that i will collect log via Universal forwarder?
Thank you
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
I can use Splunk Enterprise (Single Instance) that install on Windows OS to collect log from Check Point OPEC LEA via install Splunk Add-on for Check Point OPSEC LEA and Add connect right?
or i should install universal forwarder on Linux OS and use Splunk Add-on for Check Point OPSEC LEA on Linux OS to collect log from Check Point?
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
There is an alternate option where you can analyze checkpoint logs via syslog. This add-on will help you analyze Check Point logs on Windows.
Join the Splunk Community Slack to learn, troubleshoot, and make connections with fellow Splunk practitioners in real time!
Join Splunk User Groups to connect and learn in-person by region or remotely by topic or industry.
Announcing Modern Navigation: A New Era of Splunk User Experience
Modernize your Splunk Apps – Introducing Python 3.13 in Splunk
Step into “Hunt the Insider: An Splunk ES Premier Mystery” to catch a cybercriminal ...
