Lookups for the Splunk Add-on for Check Point Log Exporter¶
The Splunk Add-on for Check Point Log Exporter has the following lookups. The lookup files map fields from Check Point Log Exporter to CIM-compliant values in the Splunk platform. The lookup files are located in: $SPLUNK_HOME/etc/apps/Splunk_TA_checkpoint_log_exporter/lookups.
| Filename | Description |
|---|---|
checkpoint_service_app.csv |
Maps transport_id to protocol and transport. |
checkpoint_transport_protocols.csv |
Maps service port to app. |