This app uses the logs collected by the Check Point LEA client and performs analytics on top of them. Please note that it is mandatory to install the Check Point LEA client before using this app.
This app currently supports 5 Check Point Gateway blades: Firewall, IPS, Anti-Bot, Anti-Virus, and App and URL Filtering. If you have any of these blades configured on your Check Point gateway, then this app is for you. You can see the monthly and weekly trends of Firewall Action, and you can find the most-used rules. This app can be very useful in detecting abnormal behavior in traffic patterns. There are many more interesting things you can do with it.
You can find the user guide in the /opt/splunk/etc/apps/CheckPointAnalyticsAppbyQOS/appserver/static directory.
You can also download the Installation and User Guides from our official webpage.
http://qostechnology.in/checkpoint-analytics-app/
Please email your feedback, suggestions and support issues to splunk@qostechnology.in and we promise to get back to you in less than 48 hrs.
We currently support the Firewall, IPS, Anti-Bot, Anti-Virus, and Application and URL Control blades. Please mail us at splunk@qos.co.in if you want us to add more blades in future updates.
It is not mandatory anymore. This app uses the index file created using Checkpoint LEA app. Please use this link to download Checkpoint LEA client.
https://splunkbase.splunk.com/app/1454/
If you do not want to use Check Point LEA, or your Splunk runs on Windows, please use our Check Point Add-On to get Check Point logs through syslog.
https://splunkbase.splunk.com/app/2996
Linux and Windows. If you are using Windows, make sure you use the Check Point Add-On to get Check Point logs through syslog.
https://splunkbase.splunk.com/app/2996
Please use this link and follow the steps mentioned in the blog.
http://qostechnology.in/blog/integrate-splunk-with-checkpoint-managementlog-server/
Alternatively, for more information, you can read Splunk's official documentation.
http://docs.splunk.com/Documentation/OPSEC-LEA/3.1.0/Install/InstalltheSplunkTechnologyAdd-onforCheckPointOPSECLEA
Please email the issue in detail, with appropriate screenshots, to splunk@qostechnology.in and we promise to get back to you in less than 48 hrs.
We will be more than happy to hear from our customers. Feel free to email us at splunk@qostechnology.in
Yes. Please download the app for older versions from our website http://qostechnology.in/checkpoint-analytics-app/
Supported on recent versions of Splunk Enterprise
New release for Splunk
For older versions please email splunk@qos.co.in OR
download from our website.
http://qostechnology.in
Include more information for Threat Prevention blade
New release for Splunk
For older versions please email splunk@qos.co.in OR
download from our website.
http://qos.co.in
New release for Splunk 6.3.x
For older versions please email splunk@qos.co.in OR
download from our website.
http://qos.co.in