Need Check Point document that has details of all fields that are in logs
Hi All,
I am searching for a document that has details of all the fields that are in the logs for version R80.10.
Can anyone please help me with this?
Thanks
Accepted Solutions
While I don't think that we have a published document for all fields available to log_exporter, there have been several posts already on Check Mates that cover some of this question.
- Log Exporter CEF Field Mappings
- Log Exporter LEEF Field Mappings
- Threat Prevention Log Field Definitions
It is also possible to review the LogFields.xml file as it includes the field definitions with a display name. It can be found in the /opt/CPrt-R80.*0/log_exporter/conf directory.
The Logging & Monitoring R80 Admin Guide is probably what you are looking for.
Thanks for the reply, Maik.
No, I am not looking for the Logging and Monitoring admin guide.
The requirement is that the client wants to know all the fields that are in the log file so that they can be used in a SIEM tool to receive historical and real-time logs.
I think the document is related to LEA.
I found an old document, but I need one for version R80.10.
Thanks
Ah okay, I see. Could you link the old document that you have found?
This would allow the community to understand more precisely what you are looking for. 🙂
Sorry for the late reply.
Here is the link for the document.
https://community.checkpoint.com/t5/Logging-and-Reporting/LEA-Fields/td-p/38365
Basically, I am looking for the control log fields.
Can anyone please help me with this?
Thanks
Thanks Masher,
The first link is not opening.
I am checking the LogFields.xml file. I hope this resolves my query.
Thanks