Our team is currently updating the field extraction for the existing Splunk Add-on for Check Point OPSEC LEA (https://splunkbase.splunk.com/app/3197/) v431 version to ensure as much of it as possible is Splunk ES CIM compliant.
We will be doing our first push to https://github.com/enosysau/Splunk_TA_checkpoint-opseclea_Enosys in 24-48 hours, and from that point we hope for Splunk to make their project available and we can merge the projects, or the community as a whole can assist us in keeping these in sync with each other.
We recognise that this is a Splunk project and recognise the effort/contribution made by them to maintain this to date.
Keen for any thoughts/updates:
https://github.com/enosysau/Splunk_TA_checkpoint-opseclea_Enosys