Create a Post
cancel
Showing results for 
Search instead for 
Did you mean: 
Ryan_Ryan
Advisor

Capsule Cloud Logging

Hi we have capsule cloud and we also have onprem r80.20 checkpoint gateways and log server. What we are trying to achieve is getting the capsule logs to come into the log server.

I have put a routable IP address on the log server and then configured a log exporter in capsule pointing to that IP, however the connection doesn't come up and I don't appear to see any traffic attempting to come through either when I tcpdump.

Can anyone shed some light on how this can be setup? Do we have to run the LTA agent on a server in the middle or should going straight to the log server work? Also not sure what I am supposed to be configuring on the log server, looks like it needs to be created as an opsec, but what IP address would I use for capsule cloud?

 

 

 

 

 

0 Kudos
1 Reply
PhoneBoy
Admin
Admin

Pretty sure you have to run the agent, yes, as the agent proxies the logs to your on-prem server.
On your local management you would configure the IP of the machine running the agent.

Of course, what you really should be doing is looking at moving to CloudGuard Connect, which will ultimately replace Capsule Cloud.
Are you in contact with your local Check Point office around this?

0 Kudos
Upcoming Events

    CheckMates Events