Check Point Collection: Step 1. Configure Check Point to Send Events

Document created by RSA Information Design and Development on Jul 23, 2016Last modified by RSA Information Design and Development on Sep 14, 2016
Version 4Show Document
  • View in full screen mode
 

This topic tells you where to find the event sources currently supported for Check Point collection and the available configuration instructions for each event source.

Supported Event Sources List

Return to Procedures

The  list of RSA Supported Event Sources is an alphabetized of all the event sources currently supported by Security Analytics that identifies which event sources you can use with Check Point Collection.

SupportedCPES.png

Find the name of the event source.
Verify that it is supported by the Check Point Collection Protocol.
Click on yellow-book.png to display the configuration instructions for the event source.
Verify that you downloaded the correct event source parser (for example, checkpointfw1) from LIVE to the Log Decoder and enabled  it.

Sample Configuration Instructions

The following illustration is taken from the Check Point Security Suite, IPS-1 configuration instructions.

sampleConfigInstrCP.PNG 

You are here: Check Point Collection Configuration Guide > Procedures > Step 1. Configure Check Point Event Sources to Send Events to Security Analytics

Attachments

    Outcomes