https://community.checkpoint.com/t5/Off-Topic/External-syslog-solution/m-p/211444#M310 <P>This is more of an "Off Topic" question <span class="lia-unicode-emoji" title=":slightly_smiling_face:">🙂</span></P> <P>Your favorite Linux distribution includes a syslog server, either as part of the install or is installable (e.g. syslog-ng)<BR />In the very distant past, I've used Kiwi Syslog on Windows, which appears to now be owned by Solarwinds.<BR />For other options, I defer to the rest of the community.&nbsp;</P> Tue, 16 Apr 2024 16:11:37 GMT PhoneBoy 2024-04-16T16:11:37Z https://community.checkpoint.com/t5/Off-Topic/External-syslog-solution/m-p/211411#M309 <P>I am looking for a recommendation on an external syslog solution which can capture the log entries for forensic purposes.</P> Tue, 16 Apr 2024 13:43:02 GMT https://community.checkpoint.com/t5/Off-Topic/External-syslog-solution/m-p/211411#M309 jfischer 2024-04-16T13:43:02Z https://community.checkpoint.com/t5/Off-Topic/External-syslog-solution/m-p/211444#M310 <P>This is more of an "Off Topic" question <span class="lia-unicode-emoji" title=":slightly_smiling_face:">🙂</span></P> <P>Your favorite Linux distribution includes a syslog server, either as part of the install or is installable (e.g. syslog-ng)<BR />In the very distant past, I've used Kiwi Syslog on Windows, which appears to now be owned by Solarwinds.<BR />For other options, I defer to the rest of the community.&nbsp;</P> Tue, 16 Apr 2024 16:11:37 GMT https://community.checkpoint.com/t5/Off-Topic/External-syslog-solution/m-p/211444#M310 PhoneBoy 2024-04-16T16:11:37Z https://community.checkpoint.com/t5/Off-Topic/External-syslog-solution/m-p/211445#M311 <P>Splunk is good for that.</P> Tue, 16 Apr 2024 16:14:07 GMT https://community.checkpoint.com/t5/Off-Topic/External-syslog-solution/m-p/211445#M311 the_rock 2024-04-16T16:14:07Z https://community.checkpoint.com/t5/Off-Topic/External-syslog-solution/m-p/211448#M312 <P>I should clarify, I am trying to get to Smart-1 Cloud but the logging retention is only 90 days based upon the calculations.&nbsp; I need a solution to store log files 4-7 years (based upon who you ask).&nbsp; The hosted solutions were outside the scope of what could be justified.&nbsp; The logs need to roll into some sort of cold storage solution but Checkpoint has not got around to that solution.</P> Tue, 16 Apr 2024 16:24:39 GMT https://community.checkpoint.com/t5/Off-Topic/External-syslog-solution/m-p/211448#M312 jfischer 2024-04-16T16:24:39Z https://community.checkpoint.com/t5/Off-Topic/External-syslog-solution/m-p/211450#M313 <P>We use siem elastic, its awesome. Not sure what is longest log retention, but will ask one of colleagues in that team.</P> Tue, 16 Apr 2024 16:47:39 GMT https://community.checkpoint.com/t5/Off-Topic/External-syslog-solution/m-p/211450#M313 the_rock 2024-04-16T16:47:39Z https://community.checkpoint.com/t5/Off-Topic/External-syslog-solution/m-p/211492#M314 <P>Some of the SKUs in the Product Catalog actually state a 90-day retention time for logs.<BR />You can purchase longer retention using the SKU:&nbsp;<SPAN>CPSM-EVENTS-EXT-RET12M-1Y (this extends it to 1 year).</SPAN></P> <P>If you're going to export from Smart-1 Cloud (would have been a good thing to mention up-front), you will need to have one or more of the following SKUs:&nbsp;CPSM-CLOUD-1GB-LOGEXP-1Y<BR />You should also consider using something known to work with Log Exporter (what we use on the backend):&nbsp;<A href="https://support.checkpoint.com/results/sk/sk122323" target="_blank">https://support.checkpoint.com/results/sk/sk122323</A>&nbsp;</P> <P>Strongly suggest working with your local Check Point office on this to ensure you get the solution that will best meet your needs.</P> Tue, 16 Apr 2024 20:56:23 GMT https://community.checkpoint.com/t5/Off-Topic/External-syslog-solution/m-p/211492#M314 PhoneBoy 2024-04-16T20:56:23Z