Dan_Zada
Employee Alumnus

Log Exporter Filtering

Hello all,

I'm happy to inform you that we added a new feature to the log exporter - the ability to filter logs.

Starting today, you will be able to configure which logs will be exported, based on fields and values, including complex statements.

More information, including basic and advanced filtering instructions, can be found in SK122323.

If you have any questions or comments, let me know.

Thanks!

Dan.

67 Replies
Shay_Hibah
Employee Alumnus

@Antonis_Hassiot 

What format are you using as part of Log Exporter configuration?

0 Kudos
Antonis_Hassiot
Contributor

target-port: 12010
protocol: tcp
format: splunk
read-mode: semi-unified
export-link: false
export-attachment-link: false
export-attachment-ids: Found

0 Kudos
Shay_Hibah
Employee Alumnus

Please send me your FilterConfiguration.xml file to my email and we will take it offline from there.

Shayhi@checkpoint.com

0 Kudos
Ned_Stark
Contributor

Hello friends,

I have a 1450 appliance, version R77.20.85 (990172755).

How can I get the Log Exporter configuration for this appliance? I see that sk122323 is for R77.30 and above.

Thanks

0 Kudos
PhoneBoy
Admin

Log Exporter is not supported on SMB appliances.
The 1500 series running R80.20 code can natively export security logs via Syslog.
Dorit_Dor
Employee

To be clear:

Log exporter is running on the log server/management and it is agnostic to which GW generated the data.

Ned_Stark
Contributor

Ok, thanks a lot.

Nice day.

0 Kudos
Ned_Stark
Contributor

Thanks a lot.   

0 Kudos