Ankur_Datta
Collaborator

Need checkpoint document that has details of all fields that are in logs


Hi All,

I am searching for a document that has details of all fields that are in the log according to the R80.10 version.

Can anyone please help me with this?

Thanks

0 Kudos
1 Solution

Accepted Solutions
masher
Employee

While I don't think that we have a published document for all fields available to log_exporter, there have been several posts already on Check Mates that cover some of this question.

It is also possible to review the LogFields.xml file as it includes the field definitions with a display name. It can be found in the /opt/CPrt-R80.*0/log_exporter/conf directory.

 


7 Replies
Maik
Advisor

The Logging & Monitoring R80 Admin Guide is probably what you are looking for.

0 Kudos
Ankur_Datta
Collaborator

Thanks for the reply, Maik.

No, I am not looking for the Logging and Monitoring admin guide.

The requirement is that the client wants to know all fields that are in the log file so those can be used in a SIEM tool to receive historical and real-time logs.

I think the document is related to LEA.

I found an old document, but I need one for the R80.10 version.

Thanks

0 Kudos
Maik
Advisor

Ah okay, I see. Could you link the old document that you have found?

This would allow the community to understand more precisely what you are looking for. 🙂

0 Kudos
Ankur_Datta
Collaborator

Sorry for the late reply.

Here is the link for the document.

https://community.checkpoint.com/t5/Logging-and-Reporting/LEA-Fields/td-p/38365

Basically, I am looking for control log fields.

Can anyone please help me with this?

Thanks

0 Kudos

Cyber_Serge
Collaborator
This is a great collection of info, thank you for sharing! By any chance, do we know where to find additional views to import, such as the one outlined in sk134634, SmartView's Cyber Attack View? I did a search, but maybe my search criteria need to be refined or use the correct keyword.
0 Kudos
Ankur_Datta
Collaborator

Thanks Masher,

The first link is not opening.

I am checking the LogFields.xml file. I hope this should resolve my query.

Thanks

0 Kudos