cancel
Showing results for 
Search instead for 
Did you mean: 
Create a Post

Transfer logs to the ArcSight

How I can transfer log messages to SIEM ArcSight ? 

Labels (1)
0 Kudos
2 Replies
Admin
Admin

Re: Transfer logs to the ArcSight

You would have to contact HPE for assistance with configuring Arcsight to pull Check Point logs.

However, a quick Google search found this: https://hpe-sec.com/foswiki/bin/view/ArcSightActivate/CheckPointFwConfiguration 

0 Kudos

Re: Transfer logs to the ArcSight

At a customer site I ran into an Arcsight SIEM integration that broke after upgrading from R77.30 to R80.  Turned out the OPSEC library used to compile that version of the Arcsight application did not support the SHA-256 algorithm, which is used by default to sign the CRL in R80 and later.  See the following for a workaround involving SHA-1: sk109618: OPSEC SIC connection fails.

--
My book "Max Power: Check Point Firewall Performance Optimization"
now available via http://maxpowerfirewalls.com.

"IPS Immersion Training" Self-paced Video Class
Now Available at http://www.maxpowerfirewalls.com
0 Kudos