Create a Post
Showing results for 
Search instead for 
Did you mean: 

SmartEvent Best Practices Techtalk April 2022: Video, Slides, and Q&A

Q&A is listed below.
Slides are attached below the video.

Will SmartEvent in the Smart-1 cloud be covered as opposed to on prem?

This session generally applies to both.

Can SmartEvent work with syslog (e.g. system) logs from various devices?

A Check Point log server can be configured to ingest syslog, which means that SmartEvent can potentially process these logs as well. However, this will likely require parsers, which will have to be developed separately.

It is recommended to have the correlation unit on the log server if distributed. If we have to separate, what is the best process to do so?

In some high-volume environments, this may be required. Best to consult with your Check Point SE to fully understand the environment and requirements.

Customer wants to keep SE stopped for troubleshooting purpose. they run evstop but after some time this SE get started again. How can they keep SE disabled and not restarted till evstart command ran?

If you want SmartEvent disabled for longer periods of time, uncheck the relevant options in the management blade and Install Database. This shouldn’t remove any related settings. 

Can we

TO READ THE FULL POST it's simple and free


Epsum factorial non deposit quid pro quo hic escorol.

Upcoming Events

    CheckMates Events