CCX Add-on for Checkpoint Smart-1 Cloud (Log Exporter)

This Add-on supports parsing for Checkpoint Smart-1 Cloud logs pushed via Log Exporter which Syslog format has an encapsulated JSON string. About Us: CyberCX is Australia’s greatest force of cyber security experts. Our highly skilled professional services team operates a 24x7 on-shore security operations centre (SOC) servicing corporate and public sector organisations across Australia and New Zealand, specialising in Security Operations services leveraging Splunk. Description: The CCX Add-on for Checkpoint Smart-1 Cloud looks to provide a single field extraction bundle for Checkpoint Smart-1 Cloud product. This TA was built using a large dataset and endeavours to be the most CIM compliant comprehensive field extraction TA available for Checkpoint Smart-1 Cloud ingested logs via Log Exporter Syslog. Below are some of the listed products supported: - Firewall - IPS - Smartdefense - Connectra - Anti Spam (MTA) - Endpoint Management/Compliance - Threat Emulation - Anti Bot - Anti Virus - Anti Ransomware - Anti Virus - Anti Malware - Mobile - URL Filtering To receive a full list of Checkpoint products supported by CCX Checkpoint TAs refer to "SUPPORT" >> "Contact Developer". Fully compatible with Splunk Enterprise and Splunk Cloud, built by an Ops team for Ops teams. Features: - This TA currently supports logtypes tagged under the following CIM datamodels: Network Traffic, Network Sessions, Web, Authentication, Change, Malware, Endpoint, Intrusion Detection (IDS), Alerts, Email.