Are you a member of CheckMates?
×
Sign in with your Check Point UserCenter/PartnerMap account to access more great content and get a chance to win some Apple AirPods! If you don't have an account, create one now for free!
Started using the log exporter to send logs to a new SIEM. The only issue so far is that i'm not seeing anything from the mobile access blade sent. i'm getting all other logs. I've even modified this file to only send mobile access, and absolutely nothing arrived at the SIEM.
Version is r81.10
Any ideas would be greatly appreciated.
1 Solution
Accepted Solutions
You are correct, it's not considered "Mobile Access". Opened a tac and got it sorted out pretty quick. This config got us to where we wanted to be:
Yeah, we're not looking for their traffic logs. We're more interested in login locations so we can trigger the "geographically improbable" access alarm if jane tries to log on from gig harbor and paris at the same time.
Here's what i currently see in smartview if i filter on blade:mobile access
You are correct, it's not considered "Mobile Access". Opened a tac and got it sorted out pretty quick. This config got us to where we wanted to be:
