Splunk Add-on for Check Point OPSEC LEA app icon

Splunk Add-on for Check Point OPSEC LEA

The Splunk Add-on for Check Point OPSEC LEA lets you collect and analyze firewall, VPN, IDS, and audit logs from Check Point standalone FW-1 firewalls, standard Multi-Domain Security Management (Provider-1) environments, and Provider-1 environments using the Multi-Domain Log Module (MLM).

Built by
splunk product badge
screenshot
screenshot
Latest Version 3.1.0
July 30, 2015
Compatibility
Splunk Enterprise
Platform Version: 6.3, 6.2, 6.1, 6.0
CIM Version: 4.x, 3.x
Rating

0

(0)

Log in to rate this app
Support
Splunk Add-on for Check Point OPSEC LEA support icon
Splunk Supported addon
Ranking

#16

in Security, Fraud & Compliance
The Splunk Add-on for Check Point OPSEC LEA lets you collect and analyze firewall, VPN, IDS, and audit logs from Check Point standalone FW-1 firewalls, standard Multi-Domain Security Management (Provider-1) environments, and Provider-1 environments using the Multi-Domain Log Module (MLM). The add-on uses the Check Point Log Export API (LEA) along with a customized Splunk lea-loggrabber utility to poll your Check Point servers and collect log data on Linux (RHEL/CentOS 5.x or 6.x only). This add-on provides the inputs and CIM-compatible knowledge to use with other Splunk Enterprise apps, such as the Splunk App for Enterprise Security and the Splunk App for PCI Compliance.

Categories

Security, Fraud & Compliance

Created By

Splunk Inc.

Type

addon

Downloads

5,959

Licensing

Splunk General Terms(Opens new window)

Splunk Answers

Ask a question about this app listing(Opens new window)

Resources

Log in to report this app listing