This functionality enables the forwarding of all the Check Point SandBlast Mobile security and system alerts as they are generated and presented in the dashboard, to any standard Syslog Server in Syslog format. The Syslog will include all data available in the dashboard "Events & Alerts" tab. In addition Check Point's R&D added specific integration to ArcSight with support for ArcSight Common Event Format (CEF).
The data that can be sent to SIEM includes the following fields:
Event Server Timestamp
Event Client Timestamp
SBM Dashboard URL
SBM Client Version
Device MDM ID
APP Threat summary
For more information, please contact Check Point's Local Security Engineer or the regional Mobile Security expert.