This document provides step-by-step instructions to install, configure, and troubleshoot the Check Point Adaptive Response (AR) Add-on for Splunk Enterprise with the Enterprise Security App.
The integration is in two parts:
The installation and configuration process happens on both the Splunk Server and the Security Gateway.
Download the Check Point Adaptive Response Add-on for Splunk bundle from Splunkbase. This bundle creates a necessary alert action for Splunk Enterprise users as well as for Splunk Enterprise Security App users, and contains a configuration page for setting the details of the destination machine to which the files are transferred.
To download Splunk Enterprise, go here.
To install Splunk Enterprise, follow the instructions here.
To download the Splunk Enterprise Security App, go here.
Set the environment variable to SPLUNK_HOME.