This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
ABOUT CHECKMATES CYBER SECURITY COMMUNITY & FAQ
Create a Post
Help
cancel
Turn on suggestions
Showing results for 
Search instead for 
Did you mean: 

Are you a member of CheckMates?

×
Sign in with your Check Point UserCenter/PartnerMap account to access more great content and get a chance to win some Apple AirPods! If you don't have an account, create one now for free!
Ivan_Matreniche
Explorer
‎2017-03-29 08:13 AM

Transfer logs to the ArcSight

How I can transfer log messages to SIEM ArcSight ? 

Labels
0 Kudos
2 Replies
PhoneBoy
Admin
Admin
‎2017-06-27 07:44 PM

You would have to contact HPE for assistance with configuring Arcsight to pull Check Point logs.

However, a quick Google search found this: https://hpe-sec.com/foswiki/bin/view/ArcSightActivate/CheckPointFwConfiguration 

0 Kudos
Timothy_Hall
Legend Legend
Legend
‎2017-06-27 07:55 PM

At a customer site I ran into an Arcsight SIEM integration that broke after upgrading from R77.30 to R80.  Turned out the OPSEC library used to compile that version of the Arcsight application did not support the SHA-256 algorithm, which is used by default to sign the CRL in R80 and later.  See the following for a workaround involving SHA-1: sk109618: OPSEC SIC connection fails.

--
My book "Max Power: Check Point Firewall Performance Optimization"
now available via http://maxpowerfirewalls.com.

Attend my Gateway Performance Optimization R81.20 course
CET (Europe) Timezone Course Scheduled for July 1-2
0 Kudos

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

View All ≫
Upcoming Events

    Sort by:
    CheckMates Events
    li.common.scroll-to.top