Create a Post
cancel
Showing results for 
Search instead for 
Did you mean: 
Participant

how to send log from Checkpoint Gaia R77.20 OPSEC LEA to Splunk/external syslog Server.

Hello Expert.

I have R77.20 Gaia. I need help to configure OPSEC LEA to send logs to externla syslog Server/Splunk.

Please guide me or share if any SK is available.

0 Kudos
Reply
4 Replies
Collaborator

It's difficult to get questions answered when working on unsupported Software versions, like R77.20

If you run a supported version,  sk122323 might help

0 Kudos
Reply
Admin
Admin

OPSEC LEA requires a third party connector to pull the logs.
Whether Splunk still maintains their previous LEA connector, I'm not sure.
The preferred method for integration with ALL SIEMs including Splunk is Log Exporter.
Log Exporter is not available on R77.20.
You will need to upgrade to a supported release.
0 Kudos
Reply
Employee
Employee

I would like to help you but my best recommendation is to upgrade and work with log exporter, at least to R77.30.

I'm also attaching a guide I have about how to connect Splunk with OPSEC LEA.

Amir Senn

Kind regards, Amir Senn
0 Kudos
Reply
Employee
Employee

I'll be happy to know if the guide I offered (or any other answer here) helped you.

You can also leave contact info and if you still have issues we'll be glad to help you through them.

Kind regards, Amir Senn
0 Kudos
Reply