Getting Data In

Checkpoint system logs and field extraction



I'm able to receive and extract firewall traffic data using the log exporter function.  But system messages (e.g. kernel warnings) are still using "normal" syslog. There is no field extraction for these logs. Did I miss something?




Labels (3)
0 Karma
Get Updates on the Splunk Community!

Splunk Security Content for Threat Detection & Response, Q1 Roundup

Join Principal Threat Researcher, Michael Haag, as he walks through:An introduction to the Splunk Threat ...

Splunk Life | Happy Pride Month!

Happy Pride Month, Splunk Community! 🌈 In the United States, as well as many countries around the ...

SplunkTrust | Where Are They Now - Michael Uschmann

The Background Five years ago, Splunk published several videos showcasing members of the SplunkTrust to share ...