Installation

In This Section: Installing the Jumbo Hotfix Installing Log Exporter Installing the Check Point App for Splunk

Before you install the Check Point App on your Splunk servers, you must install Log Exporter on your Multi-Domain Server, Multi-Domain Log Server, Security Management Server, Log Server or SmartEvent Server.

Workflow:

1. Install the Jumbo Hotfix.
2. Install Log Exporter.
3. Install the Check Point App for Splunk.

Installing the Jumbo Hotfix

Install the Jumbo Hotfix (Take 5 or higher for R80.20 / Take 56 or higher for R80.10 / Take 292 or higher for R77.30) on your Check Point server via CPUSE.

To download the Jumbo Hotfix:

• R80.20 - See sk137592.
• R80.10 - See sk116380.
• R77.30 - See sk106162.

Note - After you install the Jumbo Hotfix, the server automatically reboots.

To install the Jumbo Hotfix:

1. Connect to your server through the Gaia portal: https://<server_ip>:<gaia_port(default:443)>
2. On the left menu, under Upgrades (CPUSE), click Status and Actions.

   

3. Click Import Package, browse to the Jumbo Hotfix file, and click Import.

   

   

4. Click Showing Recommended packages and select All.

   

5. Right click on the Jumbo Hotfix file and select Install Update.

For more information on CPUSE, refer to sk92449.

Installing Log Exporter

Install the Log Exporter bundle on your Check Point server via CPUSE.

Version	Date	File Name
R80.10	06 November 2018	Check_Point_R80.10_Log_Exporter_T41_sk122323_FULL.tgz
R77.30	06 November 2018	Check_Point_R77.30_Log_Exporter_T30_sk122323_FULL.tgz

Note - Log Exporter is part of R80.20 Jumbo Hotfix Take 5 or higher. You do not need to install an additional bundle for it.

To install Log Exporter:

1. Connect to your server through the Gaia portal: https://<server_ip>:<gaia_port(default:443)>
2. On the left menu, under Upgrades (CPUSE), click Status and Actions.
3. Click Import Package, browse to the Log Exporter bundle, and click Import.
4. Click Showing Recommended packages and select All.
5. Right click on the Log Exporter package and select Install Update.

For more information on Log Exporter installation, see the Installation section in sk122323.

Installing the Check Point App for Splunk

Install the Check Point App for Splunk on your Splunk servers. If you have a distributed environment, you must install it on each Splunk machine (forwarder, indexer, and search head).

Note - After you install the app, you are prompted to restart the machine.

Version	Date	File Name
1.0.0	13 November 2018	TA-check-point-app-for-splunk.tgz

To install the app:

1. Go to https://splunkbase.splunk.com/app/4293/ and download the Check Point App for Splunk tgz file.
2. Log in to your Splunk machine via WebUI: http://<splunk_server_ip>:8000
3. On the Apps left panel, click the Manage Apps icon .

   

4. Click Install app from file and select the TA-checkpoint-app-for-splunk.tgz file.

   

   

5. Click Upload and wait until you receive a success notification.

   After you install the app, you can find it in the Apps panel on your Splunk home page.