cancel
Showing results for 
Search instead for 
Did you mean: 
Create a Post
Highlighted
Ivory

OPSEC LEA Permissions

Dear all , 

I would like to ask if anyone knows the access that potentially could have an OPSEC LEA client to SMS Gateway . 

Except the LEA Permissions TAB to the OPSEC Application Properties , where else i can find what kind of permission the remote client has when you configure it as OPSEC LEA Appl . 

Is it trusted to allow external partner  like Siem Vendor ,  to communicate with OPSEC LEA to the SMS server ? As you understand the SMS server has all the critical information like policies , etc. 

 

Any other link , pdf , doc to read would be helpful  

Thanks in advanced 

Makis 

0 Kudos
3 Replies
Highlighted
Admin
Admin

Re: OPSEC LEA Permissions

LEA is for streaming logs to a third party.
The only thing you have access to via LEA is…logs and it's a push (not pull) mechanism.
I believe you can find more details in the OPSEC SDK documentation which is in SecureKnowledge.

Regardless, Log Exporter is the preferred, recommended method for integrating with SIEMs these days.
This uses standard syslog to export logs.
We will continue to support LEA but are not doing further enhancements to it.
0 Kudos
Highlighted
Ivory

Re: OPSEC LEA Permissions

Hi PhoneBoy ,

Thanks for your reply . I already started to read the SDK documentation .

Thanks

Makis

PS. Nice meeting you at CPX Vienna !
0 Kudos
Highlighted
Admin
Admin

Re: OPSEC LEA Permissions

Pleasure to meet you as well 😁
0 Kudos