Check Point + Splunk
Check Point App for Splunk
Check Point and Splunk allow you to respond to security risks immediately and gain true network insights. You can collect and analyze millions of logs from all Check Point platforms across networks, cloud, endpoints and mobile. This app uses Check Point Log Exporter to seamlessly send logs from your Check Point log server to your Splunk server.
Check Point Adaptive Response Add-on
Check Point and Splunk help Security Operations Centers (SOCs) create and deliver an automatic or ad hoc response to threats. This Splunk Add-on allows our joint customers to extract malicious IoCs from the Splunk environment and push them in STIX format to Check Point gateways for enforcement using the Check Point custom intelligence feeds feature.
- Extract – Reads incoming logs from the Security Gateway
- Transform – Adapts to SIEM format
- Export – Sends the logs to the configured target server