This video elaborate on Check Point's R80.20 log exporter feature, introducing an easy and secure method for exporting Check Point logs to 3rd party SIEM applications, using various protocols (like TCP or UDP) and formats (like syslog, CEF, or LEEF)
Splunk also has a Opsec Connection (LEA) to receive the logs. Is there an advantage to use this export feature?
While we will continue to support LEA for the time being, Log Exporter is going to be the recommended method for exporting logs to third party SIEMs going forward.
Retrieving data ...