
Is there a Splunk OPSEC LEA for Check Point Technology Add-on that runs on Windows?

Contributor

We are currently a 100% Windows shop and would like to know if there is a Splunk OPSEC LEA for Check Point Technology Add-on that we can run on Windows.


Re: Is there a Splunk OPSEC LEA for Check Point Technology Add-on that runs on Windows?

Splunk Employee

The Checkpoint app is only available for Linux & Solaris.


Re: Is there a Splunk OPSEC LEA for Check Point Technology Add-on that runs on Windows?

Splunk Employee

That is correct, as of version 2.0.x there is no Windows version. We have an enhancement request for Windows support. If other customers want it, this is the place to comment with your details.

0 Karma

Re: Is there a Splunk OPSEC LEA for Check Point Technology Add-on that runs on Windows?

Contributor

We are now a 99.2% Windows shop. 🙂


Re: Is there a Splunk OPSEC LEA for Check Point Technology Add-on that runs on Windows?

Path Finder

Hi to all/Splunking,

Reviving this thread lol

In our current situation we really need an OPSEC Windows platform.

Thanks
Cris

0 Karma

Re: Is there a Splunk OPSEC LEA for Check Point Technology Add-on that runs on Windows?

Engager

We need an OPSEC LEA client for Windows ASAP.

0 Karma

Re: Is there a Splunk OPSEC LEA for Check Point Technology Add-on that runs on Windows?

Path Finder

The latest Splunk Add-on for OPSEC LEA still does not support the Windows platform. Can we get a Windows add-on release? Not all Splunk instances are installed on Linux/Solaris. This is very important, as the Windows version has an old fw1-loggrabber binary which does not collect all required fields from the Check Point log server, especially if the logs are generated by a Check Point VSX firewall.

0 Karma

Re: Is there a Splunk OPSEC LEA for Check Point Technology Add-on that runs on Windows?

Splunk Employee

Right now we have no plans to create a Windows version of the add-on.

A reminder that the source code is available here for anyone feeling ambitious: https://github.com/splunk/opsec_lea

0 Karma

Re: Is there a Splunk OPSEC LEA for Check Point Technology Add-on that runs on Windows?

Explorer

Hi Araitz,
we absolutely need it too 🙂
Thank you, Kamil

0 Karma

Re: Is there a Splunk OPSEC LEA for Check Point Technology Add-on that runs on Windows?

Path Finder

We have created an alternate option where you can analyze Check Point logs via syslog. This add-on will help you analyze Check Point logs on Windows.

https://splunkbase.splunk.com/app/2996/

I will be very happy to help anyone who is facing any issue with this Add-On.

Thanks

0 Karma