New datasource for CheckPoint firewall LEA Application (OPSEC) does not receive logs as verified from the datasource.
Verify the SIC name using the command line on the checkpoint server.
SSH to the Check Point management server.
Switch to expert mode:
When prompted, enter the password for expert.
Run the following command:
cpca_client lscert –kind SIC
Enter the sic name in the datasource properties in CloudSOC.
SpanVA health monitor logs can be collected by support logs the LEA client connection.