Create a Post
Showing results for 
Search instead for 
Did you mean: 

Checkpoint Log Exported format issue with Logrhythm


I have recently tried to configure log exporter on our Checkpoint firewall R80.20 on management server. We have applied the required jumbo hotfix on firewall and configured Logrhythm object using cp log export.

Logrhythm demands the logs to contain a pipe (|) separating the fields to be able to parse properly. However, on configuring the log exporter, i am getting the logs from Checkpoint in raw format instead of with the pipe.

Has anyone faced similar issue with Checkpoint logs and can help with the resolution? I have raised a case with support as well but they don't seem to be able to find a solution yet.



0 Kudos
1 Reply

Log exporter send logs as syslog. You might need to tune Logrhythm parsing though. Did you look into sk122323 yet?


Epsum factorial non deposit quid pro quo hic escorol.

Upcoming Events

    CheckMates Events