et_splunker
Explorer

Need Help in How to Ingest Checkpoint Firewall Health Status Logs into Splunk.

We are currently using the Splunk App for Checkpoint to ingest traffic logs into Splunk. We want to start ingesting firewall health check logs (CPU, disk space, memory utilization...) into Splunk. The logs that are being sent to the syslog server from the management server don't include these health check logs. Can we configure the management server (OPSEC LEA) to do polling on the firewalls and ingest the logs from the OPSEC LEA server? Or is there any other way to do it?

0 Kudos
1 Reply
PhoneBoy
Admin

The kind of information you're looking for is not communicated through LEA, which means you'd have to find a way to collect it and communicate it to Splunk via syslog.
You'd probably have to write a script and either have it run directly on the gateways or on something that polls the gateways via SNMP.
0 Kudos
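
A sketch of the "script that runs directly on the host" option from the reply above, added here as an example and not code from the thread or from Check Point. It assumes a Linux host with Python 3 and `/proc`; the collector address, the `fw_health` tag and the field names are hypothetical.

```python
import shutil
import socket
import time

# Assumed collector address (TEST-NET placeholder) that Splunk ingests syslog from.
SYSLOG_ADDR = ("192.0.2.10", 514)
PRI = 20 * 8 + 6  # facility local4, severity info
# Constructed sample inputs so the parsers can be checked offline.
SAMPLE_MEMINFO = "MemTotal: 8000000 kB\nMemFree: 1000000 kB\nMemAvailable: 2000000 kB\n"
SAMPLE_LOADAVG = "0.52 0.40 0.31 1/123 4567\n"


def mem_used_pct(meminfo_text):
    """Percent of memory in use, from /proc/meminfo (MemFree if no MemAvailable)."""
    fields = {}
    for line in meminfo_text.splitlines():
        key, _, rest = line.partition(":")
        if rest.split():
            fields[key.strip()] = int(rest.split()[0])
    avail = fields.get("MemAvailable", fields["MemFree"])
    return round(100.0 * (fields["MemTotal"] - avail) / fields["MemTotal"], 1)


def load1(loadavg_text):
    return float(loadavg_text.split()[0])  # first field is the 1-minute load


def build_message(host, mem, load, disk, now=None):
    """BSD-style syslog line with key=value pairs (field names are hypothetical)."""
    ts = time.strftime("%b %d %H:%M:%S", time.localtime(now))
    return (f"<{PRI}>{ts} {host} fw_health: mem_used_pct={mem} "
            f"load1={load} disk_used_pct={disk}")


def collect_and_send(path="/"):
    """Read local metrics and send them as one UDP syslog datagram."""
    with open("/proc/meminfo") as f:
        mem = mem_used_pct(f.read())
    with open("/proc/loadavg") as f:
        load = load1(f.read())
    du = shutil.disk_usage(path)
    msg = build_message(socket.gethostname(), mem, load, round(100.0 * du.used / du.total, 1))
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as s:
        s.sendto(msg.encode(), SYSLOG_ADDR)
    return msg


if __name__ == "__main__":
    print(collect_and_send())
```

Run it on a schedule (cron, for instance) so each run emits one event; UDP syslog is unauthenticated and unencrypted, so keep it on a management network.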
