Check Point brings you an advanced, real-time threat analysis and reporting tool for Splunk. The Check Point App for Splunk allows you to respond to security risks immediately and gain true network insights. You can collect and analyze millions of logs from all Check Point technologies and platforms across networks, Cloud, Endpoints and Mobile. This app uses the Check Point Log Exporter to seamlessly send logs from your Check Point log server to your Splunk server. For more details, see Check Point sk122323 - http://supportcontent.checkpoint.com/solutions?id=sk122323.

Main features include:
• Compatibility with Common Information Model (CIM)
• Compatibility with Splunk Enterprise Security
• Integration with Check Point SmartEvent dashboards (e.g., General Overview, Threat Prevention and the new Cyber Attack View)
• MITRE ATT&CK framework advanced analytics for malicious files found by SandBlast technology