
Splunk Add-on for Check Point OPSEC LEA: Are there pre-built data models for Splunking Check Point firewall logs?


Are there pre-built data models for Splunking Check Point firewall logs?
I have installed the Splunk App for Check Point OPSEC LEA and successfully configured my CMA device to pull Check Point device logs. Any help on the categorization of the CP logs will also be very helpful.


Re: Splunk Add-on for Check Point OPSEC LEA: Are there pre-built data models for Splunking Check Point firewall logs?

Currently this add-on maps to the following data models:

  • network traffic
  • network sessions
  • change analysis
  • intrusion detection

Re: Splunk Add-on for Check Point OPSEC LEA: Are there pre-built data models for Splunking Check Point firewall logs?


Currently, I see only the "opsecMetrics" data model in the app "Splunk Add-on for Check Point OPSEC LEA". What version of the app should be used to get the mentioned data models?


Re: Splunk Add-on for Check Point OPSEC LEA: Are there pre-built data models for Splunking Check Point firewall logs?

Download SA-CIM: https://splunkbase.splunk.com/app/1621/ and your models will come to life.
