Check Point Analytics App by QOS

This app has been archived. Learn more about app archiving.
This app is NOT supported by Splunk. Please read about what that means for you here.
New Release for Splunk 7.x (08 Aug 2018).
WINNER OF SPLUNK REVOLUTION AWARD 2015.
----------------------------------------------------------------------------------------------------------
Check Point Analytics App by QOS helps security administrators quickly analyze Check Point logs. The app gives you good insight into your security posture based on Check Point logs. It currently analyses three software gateway blades of Check Point. These blades are Firewall, IPS, Threat Prevention and App and URL Filtering.
Additionally, this app will let you know if some machines are trying to scan your network, whether from the internal network or from an external network.

Our objective is to make this the best app for analyzing Check Point logs. We are always there to support you; in case you need our help, mail us at splunk@qostechnology.in

This app uses the logs collected by the Check Point LEA client and performs some useful analytics on top of them. Please note it is mandatory to first install the Check Point LEA client before using this app.

This app currently supports 5 Check Point Gateway blades. These blades are Firewall, IPS, Anti-Bot, Anti-Virus and App and URL Filtering. If you have any of these blades configured on your Check Point gateway, then this app is for you. You can find out the monthly and weekly trends of Firewall Action. You can find out the top used rules. This app can be very useful in detecting any abnormal behavior in traffic patterns. There are many more interesting things you can do with it.

The user guide is placed in the /opt/splunk/etc/apps/CheckPointAnalyticsAppbyQOS/appserver/static directory.

You can also download the Installation and User Guides from our official web page.
http://qostechnology.in/checkpoint-analytics-app/

Please email your feedback, suggestions and support issues to splunk@qostechnology.in and we promise to get back to you in less than 48 hrs.

FAQs

  • Which Check Point blades (features) are supported by this app?

We currently support the Firewall, IPS, Anti-Bot, Anti-Virus and Application and URL Control blades. Please mail us at splunk@qos.co.in if you want us to add more blades in future updates.

  • Is the Check Point LEA app mandatory for this app to work?

It is not mandatory anymore. This app uses the index file created using the Check Point LEA app. Please use this link to download the Check Point LEA client.
https://splunkbase.splunk.com/app/1454/
If you do not want to use Check Point LEA, or your Splunk runs on Windows, please use our Check Point Add-On to get Check Point logs through syslog.
https://splunkbase.splunk.com/app/2996

  • Which Operating Systems are supported?

Linux and Windows. If you are using Windows, make sure you use the Check Point Add-On to get Check Point logs through syslog.
https://splunkbase.splunk.com/app/2996

  • I need a step-by-step document to install the Check Point LEA app on my Splunk.

Please use this link and follow the steps mentioned in the blog.
http://qostechnology.in/blog/integrate-splunk-with-checkpoint-managementlog-server/
Alternatively, for more information you can read Splunk's official documentation.
http://docs.splunk.com/Documentation/OPSEC-LEA/3.1.0/Install/InstalltheSplunkTechnologyAdd-onforCheckPointOPSECLEA

  • I need help as I am facing some issues with this app. Whom shall I contact?

Please email the issue in detail, with appropriate screenshots, to splunk@qostechnology.in and we promise to get back to you in less than 48 hrs.

  • How can I give some suggestions to improve this app?

We will be more than happy to hear from our customers. Feel free to drop your emails at splunk@qostechnology.in

  • I am running Splunk 6.2 or older. Can I get a link to download a version of your app that works on Splunk 6.2?

Yes. Please download the app for older versions from our website http://qostechnology.in/checkpoint-analytics-app/

Release Notes

Version 2.0.0
Oct. 5, 2021

Supported on recent versions of Splunk Enterprise

Version 1.0.9
Aug. 8, 2018

New release for Splunk
For older versions please email splunk@qos.co.in OR
download from our website.
http://qostechnology.in

Include more information for Threat Prevention blade

Version 1.0.7
May 23, 2017

New release for Splunk
For older versions please email splunk@qos.co.in OR
download from our website.
http://qostechnology.in

  1. Threat Prevention will show Attacks generated by attackers.
  2. Threat Prevention will show Geo map for country generating attacks.

Version 1.0.6
May 19, 2017

New release for Splunk
For older versions please email splunk@qos.co.in OR
download from our website.
http://qos.co.in

  1. Threat Prevention will show Attacks generated by attackers.
  2. Threat Prevention will show geo map for country generating attacks.

Version 1.0.5
May 17, 2017

New release for Splunk
For older versions please email splunk@qos.co.in OR
download from our website.
http://qos.co.in

  1. Threat Prevention will show Attacks generated by attackers.
  2. Threat Prevention will show geo map for country generating attacks.

Version 1.0.4
March 15, 2016

New release for Splunk 6.3.x
For older versions please email splunk@qos.co.in OR
download from our website.
http://qos.co.in

  1. App and URL tab will now show an amount of bandwidth used by source.
  2. App and URL tab will also show bandwidth utilized per application.
  3. App and URL tab will display risky internal IP addresses with an appropriate color.

Version 1.0.3
Dec. 30, 2015
  1. Now syslog messages from Check Point gaia devices can also be analyzed for important information.
  2. Important logs related to ClusterXL setup will be displayed.
  3. App risk 5 is added.
  4. Under App and URL filtering tab, Geomap is combined for App risk 3/4/5.
  5. Install and User Guides are updated and kept in appserver/static folder.
