Skip to main content
Skip table of contents

LSO: Syslog - Check Point Log Exporter (Mapping Doc)

This document explains the changes required to apply new Message Processing Engine (MPE) rules developed during the Log Source Optimization (LSO) project for the Syslog - Check Point Log Exporter log source type. 

Vendor Documentation


Supported Log Messages

The following table lists the log message types supported in the current MPE rules. Each page contains detailed information on parsing changes and new log processing settings.

Log Message Type

Event Type

Anti-MalwareGeneral Threat Protection Event
Application ControlGeneral Network Traffic
Application Control URL FilteringApplication Control Detection
Connectra LogsGeneral Operations
Content AwarenessGeneral File Monitoring Event
Data Loss PreventionData Loss Prevention Activity
Forensics EventsVuln Low Severity : Forensics
HTTPS InspectionInspect Packet
Identity AwarenessGeneral Firewall Log
Identity LoggingGeneral User Activity Monitor Event
Log UpdateLog Statistics
MTA EventsGeneral Information
New Anti-VirusGeneral Firewall Log
SmartDefenseGeneral Firewall Log
Syslog MessageGeneral Syslog Message
Threat EmulationGeneral Threat Protection Event
Threat Extraction EventsGeneral Threat Message
URL FilteringGeneral Firewall Log
WEB_APIGeneral Information

Log Processing Policy Updates

This section details log processing policy updates made to AIE Rules, system reports and templates, tails, and investigations as part of LSO.

Updates to AIE Rules

  • No changes.

Updates to System Reports

  • No changes.

Updates to System Investigations

  • No changes.

Updates to System Report Templates

  • No changes.

Updates to System Tails

  • No changes.

JavaScript errors detected

Please note, these errors can depend on your browser setup.

If this problem persists, please contact our support.