- Products
- Learn
- Local User Groups
- Partners
- More
What's New in R82.10?
Watch HereWhen the Agents Attack
A Live Look at Agentic Exposure Validation
AI Security Masters E8:
Claude Mythos: New Era in Cyber Security
CheckMates Go:
CheckMates Fest
Hi,
So we've been exporting our gateway *audit logs* regularly in 77.30 to splunk, and now we upgraded to 80.10.
With the new API, we are wondering if it's possible to export the logs of the API.
Let's say for example, if someone ran a "show group" command from the management server, it's log would be exported and seen on splunk.
Is it possible?
Have you tried the Log Exporter for that purpose (sk122323)?
You would need to install the Check_Point_R80.10_Log_Exporter_T50_sk122323_FULL.tgz package first as far as I can see and then I would refer you to the most relevant section for you:
Splunk
It is recommended to use Check Point App for Splunk when exporting logs to Splunk server.
For more information about installation and deployment, please see the Check Point App for Splunk User Guide.
In addition, in order to configure an encrypted connection, do the following:
1. Generate server pem file:
cat syslogServer.crt syslogServer.key RootCA.pem > splunk.pem
2. Update the inputs.conf file on the Splunk server
vi /opt/splunk/etc/apps/search/local/inputs.conf
[SSL]
serverCert = /etc/ssl/my-certs/splunk.pem
sslPassword = <challenge password>
requireClientCert = true
[tcp-ssl://<port>]
index = <index>
3. Update the server.conf file on the Splunk server
vi /opt/splunk/etc/system/local/server.conf
[sslConfig]
sslRootCAPath = /etc/ssl/my-certs/RootCA.pem
4. Restart Splunk
/opt/splunk/bin/splunk restart
I hope this helps.
Hi, i am using log exporter but the only logs it exports are clish logs or ssh connections, but not the linux expert commands. is there any other configuration i need to make?
ok, what about API commands through the expert, are they logged? it seems odd to me that you can't see what was searched with api...
Leaderboard
Epsum factorial non deposit quid pro quo hic escorol.
| User | Count |
|---|---|
| 66 | |
| 19 | |
| 8 | |
| 6 | |
| 6 | |
| 4 | |
| 4 | |
| 4 | |
| 3 | |
| 2 |
Thu 02 Jul 2026 @ 06:00 PM (CST)
Revolucionando la Seguridad con IA Generativa: Prevención Inteligente en Tiempo RealThu 09 Jul 2026 @ 10:00 AM (CEST)
Schutz souveräner Workloads: Check Point & die AWS European Sovereign CloudThu 09 Jul 2026 @ 11:00 AM (CEST)
The Cloud Architects Series: Check Point Edge Protection SD-WAN & SASETue 14 Jul 2026 @ 10:00 AM (PDT)
AI Security Masters E11: READY OR NOT: Securing the AI Enterprise 3/5 - AI Workforce SecurityThu 30 Jul 2026 @ 10:00 AM (PDT)
AI Security Masters E12: READY OR NOT: Securing the AI Enterprise 4/5 - AI GatewayThu 20 Aug 2026 @ 10:00 AM (PDT)
AI Security Masters E13: READY OR NOT: Securing the AI Ent 5/5 - AI Research & Threat LandscapeTue 14 Jul 2026 @ 10:00 AM (PDT)
AI Security Masters E11: READY OR NOT: Securing the AI Enterprise 3/5 - AI Workforce SecurityThu 30 Jul 2026 @ 10:00 AM (PDT)
AI Security Masters E12: READY OR NOT: Securing the AI Enterprise 4/5 - AI GatewayThu 20 Aug 2026 @ 10:00 AM (PDT)
AI Security Masters E13: READY OR NOT: Securing the AI Ent 5/5 - AI Research & Threat LandscapeThu 02 Jul 2026 @ 06:00 PM (CST)
Revolucionando la Seguridad con IA Generativa: Prevención Inteligente en Tiempo RealAbout CheckMates
Learn Check Point
Advanced Learning
YOU DESERVE THE BEST SECURITY