Ankur_Datta
Nickel

need checkpoint document that has details of all field that are in logs

Hi All,

 

I am searching for a document that has details of all the fields that are in the logs for the R80.10 version.

Can anyone please help me with this?

 

Thanks

0 Kudos
1 Solution

Accepted Solutions
Employee+
Employee+

Re: need checkpoint document that has details of all field that are in logs

While I don't think that we have a published document for all fields available to log_exporter, there have been several posts already on Check Mates that cover some of this question.

It is also possible to review the LogFields.xml file as it includes the field definitions with a display name. It can be found in the /opt/CPrt-R80.*0/log_exporter/conf directory.

 

7 Replies
Maik
Silver

Re: need checkpoint document that has details of all field that are in logs

The Logging & Monitoring R80 Admin Guide is probably what you are looking for.

0 Kudos
Ankur_Datta
Nickel

Re: need checkpoint document that has details of all field that are in logs

Thanks for the reply, Maik.

No, I am not looking for the Logging and Monitoring admin guide.

The requirement is that the client wants to know all fields that are in the log file so those can be used in a SIEM tool to receive historical and real-time logs.

I think the document is related to LEA.

I found an old document, but I need one for the R80.10 version.

Thanks

0 Kudos
Maik
Silver

Re: need checkpoint document that has details of all field that are in logs

Ah okay, I see. Could you link the old document that you have found?

This would allow the community to understand more precisely what you are looking for. 🙂

0 Kudos
Ankur_Datta
Nickel

Re: need checkpoint document that has details of all field that are in logs

Sorry for the late reply.

Here is the link for the document.

https://community.checkpoint.com/t5/Logging-and-Reporting/LEA-Fields/td-p/38365

Basically, I am looking for control log fields.

Can anyone please help me with this?

Thanks

0 Kudos

Re: need checkpoint document that has details of all field that are in logs

This is a great collection of info, thank you for sharing! By any chance, do we know where to find additional views to import, such as those outlined in sk134634 SmartView's Cyber Attack View? I did a search, but maybe my search criteria need to be refined or need to use the correct keywords.
0 Kudos
Ankur_Datta
Nickel

Re: need checkpoint document that has details of all field that are in logs

Thanks Masher,

The first link is not opening. 

I am checking the LogFields.xml file. I hope this should resolve my query.

 

Thanks

0 Kudos