Overview
This document provides the steps to integrate your Checkpoint Firewall with Seceon SIEM so that you have comprehensive visibility and proactive threat detection in your environment. Logs are transferred from your firewall to the APE (Analytics and Policy Engine) via the CCE (Collection and Control Engine). This document covers the steps for NetFlow forwarding.
...
Sending firewall logs to remote syslog | Ubiquiti Community
Verification of configuration
Verification can be done in 2 ways: either on the CCE or in the UI.
Verification through UI
1. Open UI >> Systems
...
Open the Systems dropdown and go to logs and flows collection status.
Under the Source device IP address section, the configured device will be shown.
...
Verification through CCE server
Run the command "sudo tcpdump -i any port 9995 and host <IP address> -AAA" on the CCE server to check whether or not logs are being received.
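
Added example, not part of the original document or of Seceon's tooling: flow export datagrams are binary, so the ASCII view from tcpdump shows that packets arrive but not what they are. This Python sketch decodes the header of one captured UDP payload to tell NetFlow v5/v9 or IPFIX apart from syslog text sent to the flow port by mistake. The export versions handled, the function name and the sample payloads are assumptions; the page does not state which version the firewall exports.

```python
import struct

# Export headers in network byte order. Which version the firewall sends is
# an assumption; the page does not say, so the common three are handled.
V5_HEADER = struct.Struct("!HHIIIIBBH")  # 24 bytes, then 48-byte records
V9_HEADER = struct.Struct("!HHIIII")     # 20 bytes, then flowsets
IPFIX_HEADER = struct.Struct("!HHIII")   # 16 bytes, length covers the message
V5_RECORD_SIZE = 48


def describe_flow_datagram(payload: bytes) -> dict:
    """Classify one UDP payload captured on the flow port (hypothetical helper)."""
    if len(payload) < 2:
        return {"format": "unknown", "reason": "payload shorter than 2 bytes"}
    (version,) = struct.unpack_from("!H", payload)
    if version == 5 and len(payload) >= V5_HEADER.size:
        _, count, _, secs, _, seq, _, _, _ = V5_HEADER.unpack_from(payload)
        expected = V5_HEADER.size + count * V5_RECORD_SIZE
        return {"format": "netflow-v5", "records": count, "sequence": seq,
                "export_secs": secs, "length_ok": len(payload) == expected}
    if version == 9 and len(payload) >= V9_HEADER.size:
        _, count, _, secs, seq, source_id = V9_HEADER.unpack_from(payload)
        return {"format": "netflow-v9", "records": count, "sequence": seq,
                "export_secs": secs, "source_id": source_id}
    if version == 10 and len(payload) >= IPFIX_HEADER.size:
        _, length, secs, seq, domain = IPFIX_HEADER.unpack_from(payload)
        return {"format": "ipfix", "sequence": seq, "export_secs": secs,
                "domain_id": domain, "length_ok": length == len(payload)}
    if payload[:1] == b"<":
        # Syslog text begins with "<PRI>": the device is sending logs, not flows.
        return {"format": "syslog-text", "reason": "text log sent to flow port"}
    return {"format": "unknown", "reason": f"unexpected version field {version}"}


# Constructed sample payloads (not captured from a real device).
SAMPLE_V5 = V5_HEADER.pack(5, 1, 1000, 1700000000, 0, 42, 0, 0, 0) + bytes(48)
SAMPLE_TRUNCATED = SAMPLE_V5[:-10]
SAMPLE_SYSLOG = b"<134>constructed syslog line"

if __name__ == "__main__":
    for name, data in [("v5", SAMPLE_V5), ("truncated", SAMPLE_TRUNCATED),
                       ("syslog", SAMPLE_SYSLOG)]:
        print(name, describe_flow_datagram(data))
```

A `length_ok` of False on v5 or IPFIX points to truncation or fragmentation on the path between the firewall and the CCE.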