Hello, I'm trying to get my Checkpoint firewall, ips, vpn, etc. logs into OSSEC, but Checkpoint is telling me that it has to be OPSEC certified in order to make a connection. If you are pulling your CheckPoint Gaia R77.20 firewall logs into OSSEC, how did you do it? I have seen the articles on forwarding syslog, but those are only the OS log files. I have also seen THIS <https://blog.rootshell.be/2014/08/28/check-point-firewall-logs-and-logstash-elk-integration/#more-26358>article on using an 'agent in the middle' to create a secure connection, but there has to be a better way. Any help would be greatly appreciated!
Thanks! -- --- You received this message because you are subscribed to the Google Groups "ossec-list" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. For more options, visit https://groups.google.com/d/optout.
