This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
ABOUT CHECKMATES CYBER SECURITY COMMUNITY & FAQ
Create a Post
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Are you a member of CheckMates?

×
Sign in with your Check Point UserCenter/PartnerMap account to access more great content and get a chance to win some Apple AirPods! If you don't have an account, create one now for free!
Cypress
Contributor
‎2024-08-20 08:28 AM
Jump to solution

Questions on Log Exporter

Log Exporter was set up by my predecessor so I'm just trying to get caught up to speed.  In my environment it looks like it was set up via the CLI, because if I log into the Security Management Server expert mode and I use these commands, I will see that we have a log exporter set up and active.

cp_log_export status

cp_log_export show name {name}

However, in the SmartConsole GUI, if I double click our Security Management Server, and go to Logs > Export, it is blank and shows nothing configured.

My first question is: is that normal?  (The mismatch between CLI and GUI)  I am assuming this is normal because my predecessor used the "configure via CLI" option instead of GUI?

My second question is that I'm being asked to set up a new log exporter, because we are evaluating new SIEM products.  Is it fine to leave the original one in place and simply add a new one via 'cp_log_export add name' command, and filling out the required fields? Is it supported to have two (or more) simultaneous exporters like this? Any concerns with resource consumption?

0 Kudos
1 Solution

Accepted Solutions
PhoneBoy
Admin
Admin
‎2024-08-20 10:44 AM
Jump to solution

Yes, this is expected behavior since, in past versions, it was only possible to configure via CLI.
You can have multiple exporter configurations defined. 

View solution in original post

4 Replies
PhoneBoy
Admin
Admin
‎2024-08-20 10:44 AM
Jump to solution

Yes, this is expected behavior since, in past versions, it was only possible to configure via CLI.
You can have multiple exporter configurations defined. 

the_rock
Legend
Legend
‎2024-08-20 12:03 PM
Jump to solution

It is normal, 100%.

Bob_Zimmerman
Authority
Authority
‎2024-08-21 07:00 AM
Jump to solution

I would configure any new exporters in SmartConsole. For that matter, I also recommend moving the CLI config into SmartConsole. That way, it's all included in your migrate export or mds_backup files. Less stuff to remember to do if your management fails and you have to rebuild it.

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

View All ≫
Upcoming Events

    Sort by:
    CheckMates Events