Is there a Splunk OPSEC LEA for Check Point Technology Add-on that runs on Windows?

Contributor

We are currently a 100% Windows shop and would like to know if there is a Splunk OPSEC LEA for Check Point Technology Add-on that we can run on Windows.

1 Solution

Splunk Employee

The Checkpoint app is only available for Linux & Solaris.


Path Finder

We have created an alternate option where you can analyze Check Point logs via syslog. This add-on will help you analyze Check Point logs on Windows.

https://splunkbase.splunk.com/app/2996/

I will be very happy to help anyone who is facing any issue with this Add-On.

Thanks

0 Karma

Explorer

Hi Araitz,
we absolutely need it too 🙂
Thank you, Kamil

0 Karma

Path Finder

The latest Splunk Add-on for OPSEC LEA still does not support the Windows platform. Can we get a Windows add-on release? Not all Splunk instances are installed on Linux/Solaris. This is very important, as the Windows version has an old fw1-loggrabber binary which does not collect all required fields from the Check Point log server, especially if the logs are generated by a Check Point VSX firewall.

0 Karma

Splunk Employee

Right now we have no plans to create a Windows version of the add-on.

A reminder that the source code is available here for anyone feeling ambitious: https://github.com/splunk/opsec_lea

0 Karma

Engager

We need an OPSEC LEA client for Windows ASAP.

0 Karma

Path Finder

Hi to all/Splunking

Reviving this thread lol

In our current situation we really need an OPSEC Windows platform.

Thanks
Cris

0 Karma

Contributor

We are now a 99.2% Windows shop. 🙂

Splunk Employee

That is correct, as of version 2.0.x there is no Windows version. We have an enhancement request for Windows support. If other customers want it, this is the place to comment with your details.

0 Karma