Getting Data In

Checkpoint system logs and field extraction



I'm able to receive and extract firewall traffic data using the log exporter function.  But system messages (e.g. kernel warnings) are still using "normal" syslog. There is no field extraction for these logs. Did I miss something?




Labels (3)
0 Karma
Get Updates on the Splunk Community!

.conf23 Registration is Now Open!

Time to toss the .conf-etti 🎉 —  .conf23 registration is open!   Join us in Las Vegas July 17-20 for ...

Don't wait! Accept the Mission Possible: Splunk Adoption Challenge Now and Win ...

Attention everyone! We have exciting news to share! We are recruiting new members for the Mission Possible: ...

Unify Your SecOps with Splunk Mission Control

In today’s post, I'm excited to share some recent Splunk Mission Control innovations. With Splunk Mission ...