Checkpoint Log Collection (LogRhythm) (OPSEC LEA (Log Export API))

Configuration Summary:
1. Add a Host Node for the System Monitor.
2. Add an OPSEC Application in SmartDashboard R8.
3. Record Check Point Log Server Entity SIC Name.
4. Add a Firewall Rule for Management Station (Optional).
5. Pull OPSEC Application SIC Certificate (LR end).
6. Add a Firewall Rule for the Log Server (Optional).
7. Install Updated Policy (Optional).
8. Create the System Monitor Configuration File (LR end).
9. Add a Check Point Log Source (LR end).
10. Troubleshoot (LR end).

Detailed Steps:

https://onlinehelp72.logrhythm.com/#5DeviceGuides/CheckPointLogData.htm?Highlight=checkpoint%20opsec

Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s