Julian_Sanchez
Collaborator

Logs for SandBlast Agent Cloud

Hello, 

Does anyone know how to send the logs from SandBlast Agent Cloud to an on-premise log server?

I was searching and only found how to export logs to third parties (Splunk, ArcSight, QRadar) with log_exporter, but if I don't have a SIEM, how can I get the logs into my on-premise SMS?

Regards, 

 

Julian S. 

5 Replies
Kobie_Bendalak
Employee Alumnus

@Julian_Sanchez  At this time this is your only option, there's no native integration to an on-premise SmartEvent - you could use Syslog (but it has drawbacks and limitations).

A major item on our short-term roadmap.

Julian_Sanchez
Collaborator

Hello Kobie, 

Thank you for the information. I hope Check Point can integrate it.

 

Luiz_
Collaborator

Hi there!

Do we have updates on this?

Customer has a Quantum 6200 cluster connected to a virtual SMS/SmartEvent on-premise. He wants to purchase Harmony Endpoint unless there's a way to send EPMaaS logs to his SMS/SmartEvent on-premise to have all information about his network/endpoints on the same SmartEvent.

The closest thing I saw about this was this SK; not sure if it works. At the very least it would need TAC to set things up on the EPMaaS side: https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=&solut...

0 Kudos
_Val_
Admin

Why don't you take this up with your local Check Point office? This is obviously a sales engineering question. Let them help you.

Chris_Atkinson
Employee

@_Val_ is correct; this likely requires an RFE and isn't a one-size-fits-all solution.

* Some might like logs directly to their SIEM.

* Some might prefer an on-prem policy server to forward logs to SmartEvent.

* Some might prefer direct SmartEvent integration.

The latter will likely occur first via a cloud hosted option.

CCSM R77/R80/ELITE
