Create a Post
cancel
Showing results for 
Search instead for 
Did you mean: 
LaRockas
Participant

OPSEC LEA Permissions

Dear all , 

I would like to ask if anyone knows the access that potentially could have an OPSEC LEA client to SMS Gateway . 

Except the LEA Permissions TAB to the OPSEC Application Properties , where else i can find what kind of permission the remote client has when you configure it as OPSEC LEA Appl . 

Is it trusted to allow external partner  like Siem Vendor ,  to communicate with OPSEC LEA to the SMS server ? As you understand the SMS server has all the critical information like policies , etc. 

 

Any other link , pdf , doc to read would be helpful  

Thanks in advanced 

Makis 

0 Kudos
3 Replies
PhoneBoy
Admin
Admin

LEA is for streaming logs to a third party.
The only thing you have access to via LEA is…logs and it's a push (not pull) mechanism.
I believe you can find more details in the OPSEC SDK documentation which is in SecureKnowledge.

Regardless, Log Exporter is the preferred, recommended method for integrating with SIEMs these days.
This uses standard syslog to export logs.
We will continue to support LEA but are not doing further enhancements to it.
0 Kudos
LaRockas
Participant

Hi PhoneBoy ,

Thanks for your reply . I already started to read the SDK documentation .

Thanks

Makis

PS. Nice meeting you at CPX Vienna !
0 Kudos
PhoneBoy
Admin
Admin

Pleasure to meet you as well 😁
0 Kudos

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

Upcoming Events

    CheckMates Events