Hi. Now I need to design security rules in a SIEM for Check Point SmartDefense (IPS).
In order to do so, I need to know why some SmartDefense logs do not have a type of action, such as accept, in them.
Based on the action, I'd like to catch events to create an alert in the SIEM.
I think these are related to alerts that notify concerning some kind of event, but do not directly block traffic. Can you please provide a properly-redacted screenshot of an example?
Hi, Thank you for the reply.
Unfortunately, I cannot provide it, because it includes my customer's information.
This is why I just showed a sample in a post.
"Close" is not good enough and will just lead to fruitless speculation. Please blur out or redact any sensitive data and post a screenshot of what you are seeing.