About Us:
- Enosys Solutions is a technology security specialist with a highly skilled professional services team and 24x7 on-shore security operations centre (SOC) servicing corporate and public sector organisations across Australia, specialising in Security Operations services leveraging Splunk.
Description:
- Enosys created this Technical Add-On to enable CIM-compliant ingestion of logging data from forwarded Check Point logs.
Features:
- This is intended to support field extraction for Splunk Cloud and Enterprise deployments.
- As this is intended for use on Search Heads, no binaries are included.
- Effort has been made to ensure CIM compliance.
- The Enosys Add-on for Check Point OPSEC LEA works with the expected Check Point log types: opsec, opsec:smartdefense (ips), opsec:vpn, opsec:audit, opsec:threat_emulation, opsec:anti_malware (anti_bot) and opsec:anti_virus.
Attribution:
- Full credit to the Splunk team for their work and maintenance of the foundation and components: https://splunkbase.splunk.com/app/3197/
** Please contribute here https://github.com/enosysau/Splunk_TA_checkpoint-opseclea_Enosys **
Categories
IoT & Industrial Data, Security, Fraud & Compliance