Create a Post
cancel
Showing results for 
Search instead for 
Did you mean: 
jcat
Explorer

Exporting Traffic Logs in Harmony Connect

Hi,

We've been having major challenges to generate the the traffic logs in Harmony Connect. Each time we modify the dates, we are unable to see other dates than the current and it looks like that there are also no functions to go to next page, we have reached the bottom of the page already but still unable to see previous days.

I've heard something about SIEM integration but we are not knowledgeable with this. Is there a step by step guide somewhere? we are planning to use SolarWinds or Splunk.

Appreciate if anyone can assist.

 

Thank you

JC

0 Kudos
4 Replies
Chris_Atkinson
Employee Employee
Employee

Harmony Connect supports exporting all logs except Application Access logs to the third-party applications, such as SIEM. To export, go to Global Settings > Event Forwarding. For more information, see Event Forwarding in the Infinity Portal Administration Guide.

CCSM R77/R80/ELITE
0 Kudos
jcat
Explorer

Hi Chris,

 

thanks for the reply.

I've seen that link numerous times but as mentioned, we're novice with SIEM setup. It looks easy from Harmony Connect side but what we are trying to achieve is to have a working SIEM which can or will cater syslog from Harmony Connect. This is the guide we are looking for.

0 Kudos
PhoneBoy
Admin
Admin

The issues you’re describing with viewing the logs sound like bugs and should be reported via the TAC: https://help.checkpoint.com

As for integrating with specific SIEMs, beyond the documentation that has already been provided, I am not aware of specific integration guides with specific SIEMs.

0 Kudos
Nachi
Explorer

0 Kudos
Upcoming Events

    Thu 25 Apr 2024 @ 11:00 AM (SGT)

    APAC: CPX 2024 Recap

    Tue 30 Apr 2024 @ 03:00 PM (CDT)

    EMEA: CPX 2024 Recap

    Wed 01 May 2024 @ 02:00 PM (EDT)

    South US: HTTPS Inspection Best Practices

    Thu 02 May 2024 @ 11:00 AM (SGT)

    APAC: What's new in R82

    Thu 25 Apr 2024 @ 11:00 AM (SGT)

    APAC: CPX 2024 Recap

    Tue 30 Apr 2024 @ 03:00 PM (CDT)

    EMEA: CPX 2024 Recap

    Wed 01 May 2024 @ 02:00 PM (EDT)

    South US: HTTPS Inspection Best Practices

    Thu 02 May 2024 @ 11:00 AM (SGT)

    APAC: What's new in R82
    CheckMates Events