Hello There ,
I'am running Splunk v6 on a VM(Debian) and i'm trying to get the logs from my CheckPoint firewalls.
I have set up a SIC between the CMA and the Splunk App , and configured the new input with the splunk Gui.
The link is showed as "enabled"
Unfortunately , i get no logs and have the following error ( every hours )
msg="A script exited abnormally" input="/opt/splunk/etc/apps/Splunk_TA_opseclea_linux22/bin/lea-loggrabber.sh --configentity XXXXXXXXXXX" stanza="default" status="exited with code 1
Could you help me ?
Regards ,
Hello There ,
I figured how to solve this problem.
This error may happen if your SIC name in the Splunk interface is not the same as the one in the CheckPoint dashboard .
Regards ,
Hello There ,
I figured how to solve this problem.
This error may happen if your SIC name in the Splunk interface is not the same as the one in the CheckPoint dashboard .
Regards ,