R80.10 Management and SIEM Integrations


#1

After R80.10 OPSEC and Syslog are not working as they were in R77.30.


I've looked into CPLogSyslog but I havent been able to make it work correctly, also the SmartEvent server from where I'm generating the logs starts hitting above 90% when activated.


How are you guys working with this ?


#2

Can you expand on the “not working” statement?

CPLogToSyslog has been replaced with a cleaner solution simply named - “Logs Exporter.” This might make life a bit easier for dumping CP logs into a syslog solution.

You might also want to post this question over to Check Point’s user community as well.


#3

OPSEC wont connect anymore and Syslog isnt getting parsed.

But you have posted the solution, Log Exporter is exactly what Im looking for.

Thanks!