LEA CheckPoint datasource not recieving files
Article ID: 275412
Updated On:
Products
CASB Gateway Advanced
Issue/Introduction
New datasource for CheckPoint firewall LEA Application (OPSEC) does not receive logs as verified from the datasource.
Resolution
Verify the SIC name using the command line on the checkpoint server.
SSH to the Check Point management server.
Switch to expert mode:
expert
When prompted, enter the password for expert.
Run the following command:
cpca_client lscert –kind SIC
Enter the sic name in the datasource properties in CloudSOC.
Additional Information
SpanVA health monitor logs can be collected by support logs the LEA client connection.
Possible errors:
- Unable to connect to Checkpoint Server
- SIC ERROR 111 - SIC Error for lea: Peer sent wrong DN:
Feedback
Yes
No
Powered by
