https://community.checkpoint.com/t5/General-Topics/need-checkpoint-document-that-has-details-of-all-field-that-are/m-p/51963#M10301 This is a great collection of info, thank you for sharing! By any chance do we know where to find more additional view to import such as outlined in sk134634 SmartView's Cyber Attack View? I did a search but maybe my search criteria need to be refine/use correct key word. Fri, 26 Apr 2019 13:51:00 GMT Cyber_Serge 2019-04-26T13:51:00Z https://community.checkpoint.com/t5/General-Topics/need-checkpoint-document-that-has-details-of-all-field-that-are/m-p/51926#M10288 <P>Hi All,</P><P>&nbsp;</P><P>I am searching for a document that has details of all fields that are in log according to R80.10 version.</P><P>&nbsp;</P><P>Can anyone please help me in this.&nbsp;</P><P>&nbsp;</P><P>Thanks</P> Fri, 26 Apr 2019 06:18:49 GMT https://community.checkpoint.com/t5/General-Topics/need-checkpoint-document-that-has-details-of-all-field-that-are/m-p/51926#M10288 Ankur_Datta 2019-04-26T06:18:49Z https://community.checkpoint.com/t5/General-Topics/need-checkpoint-document-that-has-details-of-all-field-that-are/m-p/51929#M10289 <P>The <A href="http://dl3.checkpoint.com/paid/92/9212c67ac7b9d85ae730dfd73256b821/CP_R80.10_LoggingAndMonitoring_AdminGuide.pdf?HashKey=1556267739_3806b3448f6eb5a36f12ecc00ebbb753&amp;xtn=.pdf" target="_self">Logging &amp; Monitoring R80 Admin Guide</A> is probably what you are looking for.</P> Fri, 26 Apr 2019 06:40:19 GMT https://community.checkpoint.com/t5/General-Topics/need-checkpoint-document-that-has-details-of-all-field-that-are/m-p/51929#M10289 Maik 2019-04-26T06:40:19Z https://community.checkpoint.com/t5/General-Topics/need-checkpoint-document-that-has-details-of-all-field-that-are/m-p/51930#M10290 <P>Thanks for reply Maik.</P><P>&nbsp;</P><P>No i am not looking for logging and monitoring admin guide.&nbsp;</P><P>&nbsp;</P><P>The requirement is client want to know all fields that are in log file so those can be used in SIEM tool to receive historical and real time logs.&nbsp;</P><P>&nbsp;</P><P>I think the document is related to LEA.</P><P>&nbsp;</P><P>i found old document but i need for R80.10 version.</P><P>&nbsp;</P><P>Thanks&nbsp;</P> Fri, 26 Apr 2019 06:45:52 GMT https://community.checkpoint.com/t5/General-Topics/need-checkpoint-document-that-has-details-of-all-field-that-are/m-p/51930#M10290 Ankur_Datta 2019-04-26T06:45:52Z https://community.checkpoint.com/t5/General-Topics/need-checkpoint-document-that-has-details-of-all-field-that-are/m-p/51933#M10291 <P>Ah okay, I see. Could you link the old document that you have found?</P><P>This would allow the community to understand more precisely what you are looking for. <span class="lia-unicode-emoji" title=":slightly_smiling_face:">🙂</span></P> Fri, 26 Apr 2019 06:57:18 GMT https://community.checkpoint.com/t5/General-Topics/need-checkpoint-document-that-has-details-of-all-field-that-are/m-p/51933#M10291 Maik 2019-04-26T06:57:18Z https://community.checkpoint.com/t5/General-Topics/need-checkpoint-document-that-has-details-of-all-field-that-are/m-p/51959#M10300 <P>While I don't think that we have a published document for all fields available to log_exporter, there have been several posts already on Check Mates that cover some of this question.</P> <DIV class="lia-quilt-row lia-quilt-row-message-subject"> <DIV class="lia-quilt-column lia-quilt-column-24 lia-quilt-column-single lia-quilt-column-message-subject-content"> <DIV class="lia-quilt-column-alley lia-quilt-column-alley-single"> <DIV class="topic-subject-wrapper"> <DIV class="lia-message-subject lia-component-message-view-widget-subject"> <DIV class="MessageSubject"> <DIV class="MessageSubjectIcons "> <UL> <LI>Log Exporter CEF Field Mappings <UL> <LI><A href="%20https://community.checkpoint.com/t5/Logging-and-Reporting/Log-Exporter-CEF-Field-Mappings/m-p/41060?advanced=false&amp;collapse_discussion=true&amp;q=log%20fields&amp;search_type=thread" target="_blank" rel="noopener">https://community.checkpoint.com/t5/Logging-and-Reporting/Log-Exporter-CEF-Field-Mappings/m-p/41060?advanced=false&amp;collapse_discussion=true&amp;q=log%20fields&amp;search_type=thread</A></LI> </UL> </LI> <LI>Log Exporter LEEF Field Mappings <UL> <LI><A href="https://community.checkpoint.com/t5/Logging-and-Reporting/Log-Exporter-LEEF-Field-Mappings/m-p/48905?advanced=false&amp;collapse_discussion=true&amp;q=log%20fields&amp;search_type=thread" target="_self">https://community.checkpoint.com/t5/Logging-and-Reporting/Log-Exporter-LEEF-Field-Mappings/m-p/48905?advanced=false&amp;collapse_discussion=true&amp;q=log%20fields&amp;search_type=thread</A></LI> </UL> </LI> <LI>Threat Prevention Log Field Definitions <UL> <LI><A href="https://community.checkpoint.com/t5/Logging-and-Reporting/Threat-Prevention-Log-Field-Documentation/m-p/16553?advanced=false&amp;collapse_discussion=true&amp;q=log%20fields&amp;search_type=thread" target="_blank" rel="noopener">https://community.checkpoint.com/t5/Logging-and-Reporting/Threat-Prevention-Log-Field-Documentation/m-p/16553?advanced=false&amp;collapse_discussion=true&amp;q=log%20fields&amp;search_type=thread</A></LI> <LI>Additional reference: <A href="https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=&amp;solutionid=sk134634" target="_blank" rel="noopener">sk134634</A></LI> </UL> </LI> </UL> </DIV> </DIV> </DIV> </DIV> </DIV> </DIV> </DIV> <P>It is also possible to review the LogFields.xml file as it includes the field definitions with a display name. It can be found in the /opt/CPrt-R80.*0/log_exporter/conf directory.</P> <P>&nbsp;</P> Fri, 26 Apr 2019 12:58:19 GMT https://community.checkpoint.com/t5/General-Topics/need-checkpoint-document-that-has-details-of-all-field-that-are/m-p/51959#M10300 masher 2019-04-26T12:58:19Z https://community.checkpoint.com/t5/General-Topics/need-checkpoint-document-that-has-details-of-all-field-that-are/m-p/51963#M10301 This is a great collection of info, thank you for sharing! By any chance do we know where to find more additional view to import such as outlined in sk134634 SmartView's Cyber Attack View? I did a search but maybe my search criteria need to be refine/use correct key word. Fri, 26 Apr 2019 13:51:00 GMT https://community.checkpoint.com/t5/General-Topics/need-checkpoint-document-that-has-details-of-all-field-that-are/m-p/51963#M10301 Cyber_Serge 2019-04-26T13:51:00Z https://community.checkpoint.com/t5/General-Topics/need-checkpoint-document-that-has-details-of-all-field-that-are/m-p/52386#M10369 <P>Sorry for late reply.</P><P>&nbsp;</P><P>Here is link for document.</P><P>&nbsp;</P><P><A href="https://community.checkpoint.com/t5/Logging-and-Reporting/LEA-Fields/td-p/38365" target="_blank">https://community.checkpoint.com/t5/Logging-and-Reporting/LEA-Fields/td-p/38365</A></P><P>&nbsp;</P><P>Basically i am looking for control logs fields.</P><P>&nbsp;Can anyone please help me in this.</P><P>&nbsp;</P><P>Thanks</P> Thu, 02 May 2019 06:48:43 GMT https://community.checkpoint.com/t5/General-Topics/need-checkpoint-document-that-has-details-of-all-field-that-are/m-p/52386#M10369 Ankur_Datta 2019-05-02T06:48:43Z https://community.checkpoint.com/t5/General-Topics/need-checkpoint-document-that-has-details-of-all-field-that-are/m-p/52391#M10372 <P>Thanks Masher,</P><P>The first link is not opening.&nbsp;</P><P>I am checking LogFields.xml file. i hope this should resolve my query.</P><P>&nbsp;</P><P>Thanks</P> Thu, 02 May 2019 08:25:38 GMT https://community.checkpoint.com/t5/General-Topics/need-checkpoint-document-that-has-details-of-all-field-that-are/m-p/52391#M10372 Ankur_Datta 2019-05-02T08:25:38Z