Skip to main content
 
 
Splunk Lantern

Check Point

 

Check Point software solutions protect customers from fifth generation cyber-attacks such as malware, ransomware and other types of attacks. Check Point offers a multilevel security architecture, “Infinity” Total Protection with Gen V advanced threat prevention, which defends enterprises’ cloud, network, and mobile device information. 

The Check Point Log Exporter is an easy and secured method for exporting Check Point logs in few standard protocols and formats. The Check Point App for Splunk allows you to respond to security risks immediately and gain network true insights. You can collect and analyze millions of logs from all Check Point technologies and platforms across networks, cloud, endpoints, and mobile. This app uses the Check Point Log Exporter to seamlessly send logs from your Check Point log server to your Splunk server. In the Common Information Model, Check Point can be mapped to any of the following data models, depending on the field: Alerts, Change, Intrusion Detection, Malware, and Network Traffic.

Before looking at documentation for specific data sources, review the Splunk Docs information on general data ingestion: