Syslog configuration on CheckPoint

This article explains how to configure CheckPoint to send logs to SGBox using the syslog protocol.

Requirements

  • CheckPoint R80 required as described here

Log in to CheckPoint management using a terminal program (e.g. PuTTY) and run the following commands. The general syntax of the export command is:

[Expert@Mgmt:0]# cp_log_export add name <name> [domain-server <domain-server>] target-server <target-server> target-port <target-port> protocol <(udp|tcp)> format <(syslog)|(cef)|(splunk)|(generic)> [optional arguments]

[Expert@Mgmt:0]# cp_log_export add name SGBox target-server 192.168.1.10 target-port 514 protocol udp format cef

[Expert@Mgmt:0]# cp_log_export show
name: SGBox
enabled: true
target-server: 192.168.1.10
target-port: 514
protocol: udp
format: cef
read-mode: semi-unified
export-attachment-ids: false
export-link: false
export-attachment-link: false
time-in-milli: false

[Expert@Mgmt:0]# cp_log_export status

Alternatively, you can configure it using the User Interface: right-click the MGMT object > Export

Enter the SGBox IP, port and protocol

Select CEF as format

Click OK to finish the wizard.
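
With either method, the collector at the target address receives CEF records wrapped in syslog. The following is an added example, not SGBox or CheckPoint code: a small parser you can use on the receiving side to confirm that exported messages are well-formed CEF. The sample line and its field values are constructed for illustration, and all function names are hypothetical.

```python
import re

# Constructed sample of one syslog message carrying a CEF record
# (values are illustrative, not captured from a real gateway).
SAMPLE = (
    "<134>Jan 10 12:00:01 Mgmt CEF:0|Check Point|VPN-1 & FireWall-1|Check Point|"
    "Log|Accept \\| allowed|Unknown|act=Accept src=10.0.0.5 dst=192.168.1.10 "
    "msg=rule hit a\\=b spt=51000"
)
HEADER_FIELDS = ("version", "vendor", "product", "device_version",
                 "signature_id", "name", "severity")
# An extension key is a word directly followed by an unescaped '='.
_EXT_KEY = re.compile(r"(?:^|\s)(\w+)=")

def unescape(s):
    # CEF escapes: \| \= \\ stand for the literal character, \n is a newline.
    return re.sub(r"\\(.)", lambda m: "\n" if m.group(1) == "n" else m.group(1), s)

def split_header(record, count=len(HEADER_FIELDS)):
    # Split on unescaped '|' only; return (header fields, extension string).
    parts, buf, i = [], [], 0
    while i < len(record) and len(parts) < count:
        if record[i] == "\\" and i + 1 < len(record):
            buf.append(record[i:i + 2])  # keep escape pair intact for unescape()
            i += 2
            continue
        if record[i] == "|":
            parts.append("".join(buf))
            buf = []
        else:
            buf.append(record[i])
        i += 1
    return parts, record[i:]

def parse_extensions(ext):
    # Values may contain spaces, so each value runs up to the next key.
    keys = list(_EXT_KEY.finditer(ext))
    out = {}
    for m, nxt in zip(keys, keys[1:] + [None]):
        end = nxt.start() if nxt else len(ext)
        out[m.group(1)] = unescape(ext[m.end():end].strip())
    return out

def parse_cef(line):
    start = line.find("CEF:")
    if start < 0:
        raise ValueError("no CEF record in message")
    parts, ext = split_header(line[start + 4:])
    if len(parts) != len(HEADER_FIELDS):
        raise ValueError("truncated CEF header")
    event = dict(zip(HEADER_FIELDS, map(unescape, parts)))
    event["extensions"] = parse_extensions(ext)
    return event
```

A `ValueError` from `parse_cef` on live traffic usually means the exporter is not set to `format: cef` or the datagram was truncated in transit.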
