This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
ABOUT CHECKMATES & FAQ
Create a Post
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Are you a member of CheckMates?

×
Sign in with your Check Point UserCenter/PartnerMap account to access more great content and get a chance to win some Apple AirPods! If you don't have an account, create one now for free!
BrunoCiongoli
Collaborator
‎2024-02-15 06:17 AM
Jump to solution

Harmony endpoint logs to syslog server

Hi mates,

 

I have two questions about the "Event Forwarding" on infinity portal:

 

1- Is possible to calculate size of logs that harmony endpoint sent to syslog server before sending it? (This is to know how many disk size we have to assign to SIEM)

 

2-How often does the portal send the logs to the SIEM?

 

Thanks in advance

1 Solution

Accepted Solutions
PhoneBoy
Admin
Admin
‎2024-02-15 09:47 AM
Jump to solution

To answer both questions, logs are sent as they are generated.
That makes it impractical to calculate how much will be sent beforehand.

View solution in original post

8 Replies
PhoneBoy
Admin
Admin
‎2024-02-15 09:47 AM
Jump to solution

To answer both questions, logs are sent as they are generated.
That makes it impractical to calculate how much will be sent beforehand.

BrunoCiongoli
Collaborator
‎2024-02-16 05:04 AM
In response to Carol2698Hunter
Jump to solution

Thank you very much for the info! 

the_rock
Legend
Legend
‎2024-02-16 12:13 PM
In response to BrunoCiongoli
Jump to solution

Hey Bruno,

We have customers where we configured logs to be sent to siem solution and yes, Phoneboy is correct, they are sent in real time, so its almost impossible to tell what size they would be.

But, if you want a ballpark estimate, I can try figure it out for you, let me know.

Best,

Andy

0 Kudos
the_rock
Legend
Legend
‎2024-02-16 12:28 PM
In response to BrunoCiongoli
Jump to solution

Btw, I just took this from one client's environment for smart-1 cloud instance (cloud mgmt), but will try get it for harmony endpoint as well.

Best,

Andy

 

 

Screenshot_1.png

0 Kudos
the_rock
Legend
Legend
‎2024-02-16 04:59 PM
In response to BrunoCiongoli
Jump to solution

Hey Bruno,

One of my colleagues from SIEM team got back to me and let me know that on average, from client I was referring to, we get about 40 K logs a day. He can check the average log size Monday, and I can give you that info.

Best,

Andy

0 Kudos
the_rock
Legend
Legend
‎2024-02-17 02:53 AM
In response to the_rock
Jump to solution

@BrunoCiongoli K, so found out its about 38-40 K logs a day, averaging 2 KB per log. Hope that info is somewhat useful : - )

Best,

Andy

BrunoCiongoli
Collaborator
‎2024-02-18 07:30 PM
In response to the_rock
Jump to solution

Thank you Andy! it was so helpful for me.

the_rock
Legend
Legend
‎2024-02-18 07:42 PM
In response to BrunoCiongoli
Jump to solution

Glad we can help mate.

Best,

Andy

0 Kudos

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

View All ≫
Upcoming Events

    CheckMates Events