OPSEC/LEA log source parameters for Check Point
If QRadar® does not automatically detect the log source, add a Check Point log source on the QRadar Console by using the OPSEC/LEA protocol.
When using the OPSEC/LEA protocol, there are specific parameters that you must use.
The following table describes the parameters that require specific values to collect OPSEC/LEA
events from Check Point:
| Parameter | Value |
|---|---|
| Log Source type | Check Point |
| Protocol Configuration | OPSEC/LEA |
| Log Source Identifier |
Type the IP address or host name for the log source as an identifier for events from your Check Point devices. |
For a complete list of OPSEC/LEA protocol parameters and their values, see OPSEC/LEA protocol configuration options.