In my case, I left OPSEC LEA and used the Checkpoint Log Exporter to send via syslog. It comes very complete also in OPSEC.
Thank you.
James \m/
... View more
When the checkpoint add-on is trying to connect to the checkpoint server, it will try to resolve itself. When it is unable to do so, it will exit with a "segmentation fault" message.
Add a host entry with the hostname of Splunk server and its IP in /etc/hosts and the segmentation fault should go away.
... View more