Request trial
Request Trial

NXLog Docs

Check Point

ee badge NXLog Enterprise Edition exclusive feature

The im_checkpoint module, provided by NXLog Enterprise Edition, can collect logs from Check Point devices over the OPSEC LEA protocol.

Example 1. Collecting Check Point Opsec LEA logs

With the following configuration, NXLog will collect logs from Check Point devices over the LEA protocol and write them to file in JSON format.

nxlog.conf
<Extension _json>
    Module          xm_json
</Extension>

<Input checkpoint>
    Module          im_checkpoint
    Command         /opt/nxlog/bin/nx-im-checkpoint
    LEAConfigFile   /opt/nxlog/etc/lea.conf
</Input>

<Output file>
    Module          om_file
    File            'tmp/output'
    Exec            $raw_event = to_json();
</Output>

<Route checkpoint_to_file>
    Path            checkpoint => file
</Route>
Disclaimer

While we endeavor to keep the information in this topic up to date and correct, NXLog makes no representations or warranties of any kind, express or implied about the completeness, accuracy, reliability, suitability, or availability of the content represented here. We update our screenshots and instructions on a best-effort basis.

Last revision: 17 September 2018

Subscribe to our newsletter to get the latest updates, news, and products releases.

© Copyright 2024 NXLog Ltd.

PRIVACY POLICY GENERAL TERMS OF BUSINESS