Security

Checkpoint Logs - and no OPSEC

BunnyHop
Contributor

Is there a way to grab logs from Checkpoint FW-1 without using OPSEC? Any suggestions will be appreciated ;).

0 Karma

mpf
Explorer

Hi, I'm using 'fw log -l -n -p' to export the logs to a file. You'll need to setup a sourcetype as per http://answers.splunk.com/questions/11592/parsing-checkpoint-firewall-log-dates to splunk understands the timestamp.

Take a look at 'fw log -h' for other options such as tailing the log which might be usable in a scripted input.

Get Updates on the Splunk Community!

.conf24 | Registration Open!

Hello, hello! I come bearing good news: Registration for .conf24 is now open!   conf is Splunk’s rad annual ...

Splunk is officially part of Cisco

Revolutionizing how our customers build resilience across their entire digital footprint.   Splunk ...

Splunk APM & RUM | Planned Maintenance March 26 - March 28, 2024

There will be planned maintenance for Splunk APM and RUM between March 26, 2024 and March 28, 2024 as ...