This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
ABOUT CHECKMATES CYBER SECURITY COMMUNITY & FAQ
Create a Post
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Are you a member of CheckMates?

×
Sign in with your Check Point UserCenter/PartnerMap account to access more great content and get a chance to win some Apple AirPods! If you don't have an account, create one now for free!
Blason_R
MVP Gold
MVP Gold
Monday
Jump to solution

Can I configure complex views using smart reporter?

Hello,

I am really curious whether complex operations can be visualized through views in Smart Console? I require a plot of source IP addresses that have communicated with destination IP addresses exceeding 20 GB within a single day. These should be grouped by destination address, excluding port 443 and UDP 53, and the destination addresses must not be RFC1918.

Thanks and Regards,
Blason R
CCSA,CCSE,CCCS
0 Kudos
2 Solutions

Accepted Solutions
PhoneBoy
Admin
Admin
Monday
Jump to solution

From what I remember of SmartEvent, I don't think you can create a report like that.

View solution in original post

the_rock
MVP Gold
MVP Gold
yesterday
Jump to solution

Customer asked me that exact thing last year and TAC told me it was not possible. They did mention it could be doable possibly by exporting logs to external tool, but not via smart console.

Andy

View solution in original post

0 Kudos
4 Replies
PhoneBoy
Admin
Admin
Monday
Jump to solution

From what I remember of SmartEvent, I don't think you can create a report like that.

the_rock
MVP Gold
MVP Gold
yesterday
Jump to solution

Customer asked me that exact thing last year and TAC told me it was not possible. They did mention it could be doable possibly by exporting logs to external tool, but not via smart console.

Andy

0 Kudos
Blason_R
MVP Gold
MVP Gold
yesterday
In response to the_rock
Jump to solution

Yeah that is right but then I built elaticsearch and started ingesting logs there to build a complex queries.

Thanks and Regards,
Blason R
CCSA,CCSE,CCCS
0 Kudos
the_rock
MVP Gold
MVP Gold
yesterday
In response to Blason_R
Jump to solution

Yeah, you can do that. I had one of my colleagues show me, he is SIEM genius...lots of possibilites.

Andy

0 Kudos

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

View All ≫
Upcoming Events

    Sort by:
    CheckMates Events