Hi, Is there any problems to set checkpoint to log into syslog and then use ossec agent on box to forward logs to ossec server? This is usual way to do this..
-- Eero 2015-09-25 0:37 GMT+03:00 <jd...@proconsrv.com>: > Hello, I'm trying to get my Checkpoint firewall, ips, vpn, etc. logs into > OSSEC, but Checkpoint is telling me that it has to be OPSEC certified in > order to make a connection. If you are pulling your CheckPoint Gaia R77.20 > firewall logs into OSSEC, how did you do it? I have seen the articles on > forwarding syslog, but those are only the OS log files. I have also seen THIS > > <https://blog.rootshell.be/2014/08/28/check-point-firewall-logs-and-logstash-elk-integration/#more-26358>article > on using an 'agent in the middle' to create a secure connection, but there > has to be a better way. Any help would be greatly appreciated! > > Thanks! > > -- > > --- > You received this message because you are subscribed to the Google Groups > "ossec-list" group. > To unsubscribe from this group and stop receiving emails from it, send an > email to ossec-list+unsubscr...@googlegroups.com. > For more options, visit https://groups.google.com/d/optout. > -- --- You received this message because you are subscribed to the Google Groups "ossec-list" group. To unsubscribe from this group and stop receiving emails from it, send an email to ossec-list+unsubscr...@googlegroups.com. For more options, visit https://groups.google.com/d/optout.