Accept License Agreements

This app is provided by a third party and your right to use the app is in accordance with the license provided by that third-party licensor. Splunk is not responsible for any third-party apps and does not provide any warranty or support. If you have any questions, complaints or claims with respect to this app, please contact the licensor directly.

Thank You

Downloading Check Point Analytics App by QOS
MD5 checksum (check-point-analytics-app-by-qos_107.tgz) 5efd9962e64d0c0891a04516919ddc4c MD5 checksum (check-point-analytics-app-by-qos_104.zip) b265394bf58f480e2e779503adc236f8
To install your download
For instructions specific to your download, click the Details tab after closing this window.

Flag As Inappropriate

Check Point Analytics App by QOS

Splunk Certified
Overview
Details
New Release for Splunk 6.6 (23 May 2017).
WINNER OF SPLUNK REVOLUTION AWARD 2015.
----------------------------------------------------------------------------------------------------------
Check Point Analytics App by QOS helps security administrators to quickly analyze Check Point logs. This app will provide you very good insight of your security posture based on Check Points logs. This app currently analyses three software gateway blades of Check Point. These blades are Firewall, IPS , Threat Prevention and App and URL Filtering blade.
Additionally, this app will let you know if some machines are trying to scan your network either from internal network or from external network.

Our objective is to make this app the best app for Analyzing Check Point logs. We are always there to support to incase you need our help.

This App utilizes the logs collected by Check Point LEA client and performs some useful analytics on top of it.Please note it is mandatory to first install Check Point LEA client before using this app.

This app currently supports 5 Check Point Gateway blades. These blades are Firewall, IPS , Anti-Bot , Anti-Virus and App and URL Filtering blade. If you have any of these blades configured on you Check Point gateway then this App is for you. You can find out the monthly and weekly trends of Firewall Action. You can find out top used rules. This app can be very useful in detecting any abnormal behavior in traffic pattern. There are many more interesting stuffs you can do with this.

You can find the user guide which will be placed in /opt/splunk/etc/apps/CheckPointAnalyticsAppbyQOS/appserver/static directory.

You can also download the Installation and User Guides from our offical webpage.
http://qostechnology.in/checkpoint-analytics-app/

Please email your feedbacks ,suggestions and support issues to splunk@qos.co.in and we promise to get back to you in less than 48 hrs.

FAQS

  • Which Checkpoint Blades(Features) are supported by this app?

We are currently supporting Firewall,IPS,Anti-Bot,Anti-Virus and Application and URL Control Blades. Please mails us at splunk@qos.co.in if you want us to add more blades in future updates.

  • Is Checkpoint LEA app mandatory for this app to work?

It is not mandatory anymore. This app uses the index file created using Checkpoint LEA app. Please use this link to download Checkpoint LEA client.
https://splunkbase.splunk.com/app/1454/
If you do not want to use Check Point LEA or your Splunk runs on windows please use our Check Point Add-On to get Check Point logs through syslog.
https://splunkbase.splunk.com/app/2996

  • Which Operating Systems are supported?

Linux and Windows. If you are using Windows then make sure you use Check Point Add-On to get Check Point logs through syslog.
https://splunkbase.splunk.com/app/2996

  • I need step by step document to install Checkpoint LEA app on my Splunk.

Please use this link and follow the steps mentioned in the blog.
http://qostechnology.in/blog/integrate-splunk-with-checkpoint-managementlog-server/
Alternately for more information you can read splunk's official documentation.
http://docs.splunk.com/Documentation/OPSEC-LEA/3.1.0/Install/InstalltheSplunkTechnologyAdd-onforCheckPointOPSECLEA

  • I need help as I am facing some issues with this app? Whom shall I contact?

Please email the issue in detail with appropriate screenshots at splunk@qos.co.in and we promise to get back to you in less than 48 hrs.

  • How can I give some suggestions to improve this app.

We will be more than happy to listen from our customers. Feel free to drop your emails at splunk@qos.co.in

  • I am running Splunk 6.2 version. Can I get link to download your app for which works on Splunk 6.2.

Yes. Please download app for older version from our website http://qostechnology.in/checkpoint-analytics-app/

  • I need step by step document to install Checkpoint LEA app on my Splunk.

Please use this link and follow the steps mentioned in the blog.
http://qostechnology.in/blog/integrate-splunk-with-checkpoint-managementlog-server/
Alternately for more information you can read splunk's official documentation.
http://docs.splunk.com/Documentation/OPSEC-LEA/3.1.0/Install/InstalltheSplunkTechnologyAdd-onforCheckPointOPSECLEA

  • I need help as I am facing some issues with this app? Whom shall I contact?

Please email the issue in detail with appropriate screenshots at splunk@qos.co.in and we promise to get back to you in less than 48 hrs.

  • How can I give some suggestions to improve this app.

We will be more than happy to listen from our customers. Feel free to drop your emails at splunk@qos.co.in

  • I am running Splunk 6.2 version. Can I get link to download your app for which works on Splunk 6.2.

Yes. Please download app for older version from our website http://qostechnology.in/checkpoint-analytics-app/

Release Notes

Version 1.0.7
May 23, 2017

New release for Splunk
For older versions please email splunk@qos.co.in OR
download from our website.
http://qostechnology.in

1. Threat Prevention will show Attacks generated by attackers.
2. Threat Prevention will show Geo map for country generating attacks.

Version 1.0.4
March 15, 2016

New release for Splunk 6.3.x
For older versions please email splunk@qos.co.in OR
download from our website.
http://qos.co.in

1. App and URL tab will now show an amount of bandwidth used by source.
2. App and URL tab will also show bandwidth utilized per application.
3. App and URL tab will display risky internal IP addresses with an appropriate color.

95
Installs
1,001
Downloads
Share Subscribe LOGIN TO DOWNLOAD

Subscribe Share

Splunk Certification Program

Splunk's App Certification program uses a specific set of criteria to evaluate the level of quality, usability and security your app offers to its users. In addition, we evaluate the documentation and support you offer to your app's users.

Are you a developer?

As a Splunkbase app developer, you will have access to all Splunk development resources and receive a 50GB license to build an app that will help solve use cases for customers all over the world. Splunkbase has 1000+ apps and add-ons from Splunk, our partners and our community. Find an app or add-on for most any data source and user need, or simply create your own with help from our developer portal.

Follow Us:
© 2005-2017 Splunk Inc. All rights reserved.
Splunk®, Splunk>®, Listen to Your Data®, The Engine for Machine Data®, Hunk®, Splunk Cloud™, Splunk Light™, SPL™ and Splunk MINT™ are trademarks and registered trademarks of Splunk Inc. in the United States and other countries. All other brand names, product names, or trademarks belong to their respective owners.