Create a Post
cancel
Showing results for 
Search instead for 
Did you mean: 
shamimalam
Participant

how to send log from Checkpoint Gaia R77.20 OPSEC LEA to Splunk/external syslog Server.

Hello Expert.

I have R77.20 Gaia. I need help to configure OPSEC LEA to send logs to externla syslog Server/Splunk.

Please guide me or share if any SK is available.

0 Kudos
4 Replies
peter_schumache
Collaborator

It's difficult to get questions answered when working on unsupported Software versions, like R77.20

If you run a supported version,  sk122323 might help

0 Kudos
PhoneBoy
Admin
Admin

OPSEC LEA requires a third party connector to pull the logs.
Whether Splunk still maintains their previous LEA connector, I'm not sure.
The preferred method for integration with ALL SIEMs including Splunk is Log Exporter.
Log Exporter is not available on R77.20.
You will need to upgrade to a supported release.
0 Kudos
Amir_Senn
Employee
Employee

I would like to help you but my best recommendation is to upgrade and work with log exporter, at least to R77.30.

I'm also attaching a guide I have about how to connect Splunk with OPSEC LEA.

Amir Senn

Kind regards, Amir Senn
0 Kudos
Amir_Senn
Employee
Employee

I'll be happy to know if the guide I offered (or any other answer here) helped you.

You can also leave contact info and if you still have issues we'll be glad to help you through them.

Kind regards, Amir Senn
0 Kudos