Configuring Check Point Syslogs - Non-Encrypted

First see Configuring Check Point Syslogs.

You can receive non-encrypted Check Point Syslogs over UDP only. Receiving Syslogs over TCP requires encryption.

Configure SecureTrack to Retrieve Audit/Traffic Logs

  1. Add to SecureTrack the first management server and its associated Log Server or CLM.
  2. In the Device Configuration list, select the relevant management server (not the log server).
  3. Click Edit configuration:

    Edit CMA

  4. Click Next and Next.
  5. In the stage 3 page, select Custom.
  6. Set your Check Point device to communicate with SecureTrack by syslog:

    Select Custom > Syslog Authentication.

    Enter the log ID from the Check Point log exporter.

    Select Protocol UDP.

  7. Click Next, and then Save.

How Do I Get Here?

In SecureTrack, go to Monitoring > Device Groups