Solved: OPSEC lea_loggrabber failed to run

ksirisawatdi_sp · ‎02-10-2012

My customer try OPSEC lea_loggrabber and getting error message saying that "Segmentation fault". Anyone having sillier issue before?

Chubbybunny · ‎02-27-2012

The lea_loggrabber client can encounter a "segmentation fault" for various reasons.
To gain a better understanding of the problem, you should elevate the OPSEC debugging level using the article below:
how-can-i-debug-my-lea-client-for-checkpoint

View solution in original post

mlogendra_splun · ‎02-07-2019

When the checkpoint add-on is trying to connect to the checkpoint server, it will try to resolve itself. When it is unable to do so, it will exit with a "segmentation fault" message.

Add a host entry with the hostname of Splunk server and its IP in /etc/hosts and the segmentation fault should go away.

jgedeon120 · ‎02-27-2012

If you are looking at getting logs from a Check Point you may want to take a look at this article. I'm also in the long process of creating a Check Point App for Splunk and it does use this method of getting the logs from the management server.

Splunking Check Point

Chubbybunny · ‎02-27-2012

The lea_loggrabber client can encounter a "segmentation fault" for various reasons.
To gain a better understanding of the problem, you should elevate the OPSEC debugging level using the article below:
how-can-i-debug-my-lea-client-for-checkpoint

OPSEC lea_loggrabber failed to run

Using Machine Learning for Hunting Security Threats

Observability Newsletter Highlights | March 2023

Security Newsletter Updates | March 2023