Create a Post
cancel
Showing results for 
Search instead for 
Did you mean: 
Myron_Magee
Participant
Jump to solution

Using R80 and need to send logs to a Splunk server. Any idea how?

We are running R80 GA and I need send logs to a new splunk server. Looking to see if anyone is doing the same.

0 Kudos
1 Solution

Accepted Solutions
Security_Depart
Participant

Hi

I do not sue SPlunk but had issue with the SIEM solution we used. If you use an Opsec object to sent logs to Splunk you will potentially need to downgrade the CA certificate on R80 from Sha 256 to Sha 1 if Splunk doesn't support Sha256 yet

https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=&solut...

View solution in original post

0 Kudos
1 Reply
Security_Depart
Participant

Hi

I do not sue SPlunk but had issue with the SIEM solution we used. If you use an Opsec object to sent logs to Splunk you will potentially need to downgrade the CA certificate on R80 from Sha 256 to Sha 1 if Splunk doesn't support Sha256 yet

https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=&solut...

0 Kudos

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

Upcoming Events

    CheckMates Events