All Apps and Add-ons
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Ask a Question

What kind of input is CheckPoint Opsec Lea considered?

john_glasscock
Path Finder
‎06-01-2018 09:14 AM

We are seeing events being dropped at the forwarder. Can persistent queues be used for this connector? Trying to figure out the type of input to determine if persistent queues can be used.

0 Karma
Reply

gjanders
SplunkTrust
SplunkTrust
‎06-02-2018 03:35 PM

According to the documentation Persistent queues are available for these input types:

TCP
UDP
FIFO
Scripted inputs
Windows Event Log inputs

I believe this application uses a modular input, and therefore not a persistent queue.

However what would the persistent queue be used for in this case? This application polls a checkpoint firewall to obtain data, and records it's progress in a checkpoint file as documented here
Therefore I don't see why you would want a persistent queue, the application will poll the firewall for data based on what data it last sent to Splunk...

-
Alerts for Splunk Admins, Version Control for Splunk, Decrypt2 VersionControl For SplunkCloud
0 Karma
Reply
Get Updates on the Splunk Community!

.conf24 | Registration Open!

Hello, hello! I come bearing good news: Registration for .conf24 is now open!   conf is Splunk’s rad annual ...

ICYMI - Check out the latest releases of Splunk Edge Processor

Splunk is pleased to announce the latest enhancements to Splunk Edge Processor.  HEC Receiver authorization ...

Introducing the 2024 SplunkTrust!

Hello, Splunk Community! We are beyond thrilled to announce our newest group of SplunkTrust members!  The ...