
Elasticsearch (ELK) Integration: filebeats or elastic-agent


I have noticed two Check Point modules for Elasticsearch integration.

1) Based on elastic-agent 

2) Based on filebeat 

Is there any recommendation from Check Point? Is there any case study or guide about it?
I have the impression the elastic-agent may be a better choice to simplify operations and stay up-to-date with log format changes in future GAIA releases. Am I wrong?

0 Kudos
1 Reply

At least from looking at these integrations, it’s not clear that we (Check Point) had anything to do with them.
In which case, it’d be difficult for us to make a specific recommendation as to which you should use.
Am curious if anyone else in the community is using these and how it’s working, of course.

0 Kudos