
Splunk Lantern

Check Point

Check Point software solutions protect customers from fifth-generation cyber-attacks such as malware, ransomware, and other types of attacks. Check Point offers a multilevel security architecture, "Infinity" Total Protection with Gen V advanced threat prevention, which defends enterprise cloud, network, and mobile device information.

Before looking at documentation for specific data sources, review the Splunk Help information on general data ingestion for Splunk Enterprise, Splunk Cloud Platform, or Splunk Observability Cloud.

Getting data in

Source Add-ons and Apps Guidance

Check Point

The Check Point Log Exporter is an easy and secure method for exporting Check Point logs in a few standard protocols and formats. The Check Point App for Splunk allows you to respond to security risks immediately and gain true insight into your network. You can collect and analyze millions of logs from all Check Point technologies and platforms across networks, cloud, endpoints, and mobile. This app uses the Check Point Log Exporter to seamlessly send logs from your Check Point log server to your Splunk server. In the Common Information Model, Check Point events can be mapped to any of the following data models, depending on the fields present in the event: Alerts, Change, Intrusion Detection, Malware, and Network Traffic.

Splunk platform

Splunk SOAR

Configuration

Splunk Lantern Articles