Splunk® Supported Add-ons

Splunk Add-on for Check Point Log Exporter

Acrobat logo Download manual as PDF


Acrobat logo Download topic as PDF

Source types for the Splunk Add-on for Check Point Log Exporter

The Splunk Add-on for Check Point Log Exporter provides the following source types and CIM compatibility.

Sourcetype Event type CIM compliance
cp_log cp_tcp_attack Intrusion Detection
cp_network_communicate Network Traffic
cp_change Change
cp_change_audit Change
cp_logout_logs Change
cp_change_network Change
cp_alert Alerts
cp_malware_attack Malware Attacks
cp_ids_attack Intrusion Detection
cp_auth_logs Authentication
cp_endpoint_activity Inventory
cp_email_logs Email
cp_web Web
cp_log:syslog cp_tcp_attack Intrusion Detection
cp_network_communicate Network Traffic
cp_change Change
cp_change_audit Change
cp_logout_logs Change
cp_change_network Change
cp_alert Alerts
cp_malware_attack Malware Attacks
cp_ids_attack Intrusion Detection
cp_auth_logs Authentication
cp_endpoint_activity Inventory
cp_email_logs Email
cp_web Web
Last modified on 20 February, 2024
PREVIOUS
Lookups for the Splunk Add-on for Check Point Log Exporter
  NEXT
Release notes for the Splunk Add-on for Check Point Log Exporter

This documentation applies to the following versions of Splunk® Supported Add-ons: released


Was this documentation topic helpful?


You must be logged into splunk.com in order to post comments. Log in now.

Please try to keep this discussion focused on the content covered in this documentation topic. If you have a more general question about Splunk functionality or are experiencing a difficulty with Splunk, consider posting a question to Splunkbase Answers.

0 out of 1000 Characters