All Apps and Add-ons

Splunk Add-on for Check Point OPSEC LEA: Are the errors received on splunkd due to a bug or using an older version of the add-on?


We are using the Splunk Add-on for Check Point OPSEC LEA 3.1.0 version and getting lots of errors in splunkd. Trouble is that it's got something going on and is accounting for about 94% of all errors.

message from"/users/splunk/prod/splunk/etc/apps/Splunk_TA_opseclea_linux22/bin/ --configentity" mode: non_audit

I know there is an updated add-on for this, but I was wondering if this is just a config issue versus a bug issue? if a simple update of the add-on would be a fix then great, just not sure. advice welcomed.

Path Finder

do not update unless your checkpoint environment meets the requirements of the most recent release.

0 Karma
Register for .conf21 Now! Go Vegas or Go Virtual!

How will you .conf21? You decide! Go in-person in Las Vegas, 10/18-10/21, or go online with .conf21 Virtual, 10/19-10/20.