Checkpoint firewall add logs

adrianrus · March 30, 2023, 1:02pm

Hi

I tried the classic way of configuring the logs to get in, but it seems nothing goes in.
Besides the INPUT configuration under Graylog graphical interface, do i also need to configure something on the firewall itself, something like the system.d to forward the logs towards the graylog server…?

Thanks

Wine_Merchant · March 30, 2023, 2:27pm

Afternoon @adrianrus,

By the traditional way, do you mean something like this

It should be as simple as setting the the Firewall syslog settings to send to Graylog’s ip/hostname on whatever port the syslog input is listening on.

What model/os is the firewall?

H077E · March 31, 2023, 12:48pm

for >= R80: The security log must be activated in the track option for the rule.

adrianrus · April 3, 2023, 12:55pm

where is this actually… ?
Excuse my ignorance

Wine_Merchant · April 4, 2023, 9:20am

Googling for “track option” turned up this.

system · April 18, 2023, 9:20am

This topic was automatically closed 14 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
Checkpoint logs in Graylog Graylog Central (peer support)	3	2635	July 31, 2017
Checkpoint Logs Graylog Central (peer support)	4	3093	November 15, 2017
I need help with connecting my firewalls to graylog Graylog Central (peer support)	64	210	April 25, 2024
Input - no active connection Graylog Central (peer support)	12	1504	November 11, 2020
Sonicwall to graylog Graylog Central (peer support)	7	534	November 14, 2023

Checkpoint firewall add logs

Related Topics