Does Check Point R80.30 support sending firewall traffic logs out via BOTH OPSEC LEA (to another 3rd party server) and to Splunk (via log exporter)?
I'm working on a setup (single CP R80.30) where the user is currently sending traffic logs to Splunk, but also wants the 3rd party server to be able to pull these same traffic logs. But we can't seem to see these traffic logs in the external server, even though:
- the FW rules have logging enabled
- OPSEC certificate setup successfully, with trust established
- local logging enabled
So just wanted to confirm that what I mentioned in my initial question was technically possible first - perhaps I might have missed something in the configuration.
Thank you!