This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
ABOUT CHECKMATES CYBER SECURITY COMMUNITY & FAQ
Create a Post
Help
cancel
Turn on suggestions
Showing results for 
Search instead for 
Did you mean: 

Are you a member of CheckMates?

×
Sign in with your Check Point UserCenter/PartnerMap account to access more great content and get a chance to win some Apple AirPods! If you don't have an account, create one now for free!
franctorres
Participant
‎2021-08-25 08:08 AM
Jump to solution

Harmony Email & Office Logs in a SIEM

Hi good day...  Is there a guide to connect the Harmony Email & Office logs into a SIEM system? 

I don´t know if this guide sk146032 apply for SIEMS too.

 

Regards

0 Kudos
1 Solution

Accepted Solutions
PhoneBoy
Admin
Admin
‎2021-08-25 01:34 PM
Jump to solution

Just to provide some context, I'm pretty certain this is for HEO 1.0 (product formerly known as CloudGuard SaaS).
And yes, because this allows export of logs to an on-premise Security Management Server (not Multi-Domain, and not for R81 and above), theoretically this would allow you to use Log Export to put them in a SIEM.
Not sure you can do this for HEO 2.0.

Meanwhile, I know Smart-1 Cloud has specific SKUs to allow for Log Exporter to be run from the cloud.
I believe it also has to be configured by TAC.
There does not appear to be similar SKUs for HEO, however I do know that we are unifying the logs among our Infinity Portal offerings, so there may be a SKU/option for this in the future.

View solution in original post

0 Kudos
2 Replies
PhoneBoy
Admin
Admin
‎2021-08-25 01:34 PM
Jump to solution

Just to provide some context, I'm pretty certain this is for HEO 1.0 (product formerly known as CloudGuard SaaS).
And yes, because this allows export of logs to an on-premise Security Management Server (not Multi-Domain, and not for R81 and above), theoretically this would allow you to use Log Export to put them in a SIEM.
Not sure you can do this for HEO 2.0.

Meanwhile, I know Smart-1 Cloud has specific SKUs to allow for Log Exporter to be run from the cloud.
I believe it also has to be configured by TAC.
There does not appear to be similar SKUs for HEO, however I do know that we are unifying the logs among our Infinity Portal offerings, so there may be a SKU/option for this in the future.

0 Kudos
franctorres
Participant
‎2021-08-26 08:47 AM
In response to PhoneBoy
Jump to solution

Thanks for the response PhoneBoy

0 Kudos

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

View All ≫
Upcoming Events

    Sort by:
    In-Person

    Tue 18 Mar 2025 @ 09:30 AM (EET)

    CheckMates Live Greece
    In-Person

    Tue 25 Mar 2025 @ 09:00 AM (EDT)

    Canada In-Person Cloud Security with Hands-On CloudGuard Workshops!
    In-Person

    Tue 25 Mar 2025 @ 12:00 PM (MDT)

    Salt Lake City: CPX 2025 Recap
    In-Person

    Tue 08 Apr 2025 @ 12:00 PM (MDT)

    Denver: CPX 2025 Recap
    CheckMates Events
    Top