This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
ABOUT CHECKMATES CYBER SECURITY COMMUNITY & FAQ
Create a Post
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Are you a member of CheckMates?

×
Sign in with your Check Point UserCenter/PartnerMap account to access more great content and get a chance to win some Apple AirPods! If you don't have an account, create one now for free!
jt-jt
Participant
‎2022-08-04 06:41 AM

Harmony Connect log export/integration with SIEM

Hi,

We are looking at a few replacements (SASE, CASB, SIEM) and wondered if there is any way to export the logs from Harmony Connect (I guess in the Infinity portal) to a SIEM such as Microsoft Sentinel?

Many thanks in advance.

JT

Labels
0 Kudos
5 Replies
Chris_Atkinson
Employee Employee
Employee
‎2022-08-04 06:25 PM

Currently, getting your logs streamed to a SIEM is available by submitting a TAC support ticket.
We plan to provide a self-service UI for this configuration (coming soon).
The SIEM will need to accept Syslog, Splunk, CEF or LEEF traffic coming from the AWS hosted IP addresses (this is where our cloud POPs are located at) using the Log Exporter mechanism.

Also suggest keeping your local SE across the request.

CCSM R77/R80/ELITE
0 Kudos
jt-jt
Participant
‎2022-08-05 01:26 AM
In response to Chris_Atkinson

Thank you, I'll speak to our SE on it.

0 Kudos
Chris_Atkinson
Employee Employee
Employee
‎2022-11-01 05:24 PM
In response to jt-jt

To update the UI has been made available since in Global Settings:

HC-syslog.png

CCSM R77/R80/ELITE
dantlitz
Explorer
‎2022-11-01 01:52 PM
In response to Chris_Atkinson

I see our on prem MDS supports a Log Rhythm format.  Is that supported from the Harmony Cloud?

 

0 Kudos
Chris_Atkinson
Employee Employee
Employee
‎2022-11-01 05:22 PM
In response to dantlitz

You can enquire via an SR other formats can be set on the backend in some instances.

syslog.png

Source: https://sc1.checkpoint.com/documents/Infinity_Portal/WebAdminGuides/EN/Infinity-Portal-Admin-Guide/C...

 

CCSM R77/R80/ELITE
0 Kudos

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

View All ≫
Upcoming Events

    Sort by:
    In-Person

    Tue 07 Oct 2025 @ 09:30 AM (CEST)

    CheckMates Live Denmark!
    CheckMates Events