
Compliance blade on Splunk?

Hello. Check Point Management Server has the compliance blade. It shows the quality of the gateway config. What do you think, is it possible to implement this function in Splunk? Can we monitor all necessary parameters with Splunk?


Re: Compliance blade on Splunk?

AFAIK the Splunk Add-on for OPSEC LEA is rather old, but I would start with that!


Re: Compliance blade on Splunk?

Thank you for the answer. I think the question is not about the method of log collection. It's about the parameters which we can monitor, like configuration files.


Re: Compliance blade on Splunk?

You can monitor all OPSEC / LEA logged events, including syslog and SmartEvent. The alternative way of monitoring is done using SNMP and traps.


Re: Compliance blade on Splunk?

That's obvious. I just don't know whether it is enough for compliance reports. How can Splunk detect your access-list configuration or global properties? There are a lot of other things.


Re: Compliance blade on Splunk?

For access-list configuration (I did not encounter it on CP) or global properties, you have to use another tool, not Splunk.

Admin

Re: Compliance blade on Splunk?

Splunk is a SIEM that ingests logs from various devices (including ours).

It's not really meant for monitoring device configuration.

That has to be done by more directly probing the device configuration, which I don't believe Splunk does.

There are other third-party tools that do this to varying degrees.