Key Use Cases

Events & AIOps supports a variety of operational and security workflows, including:

• Multi-Tenant Security Monitoring for MSPs

  As a Managed Service Provider (MSP), you can monitor and analyze security events across all your managed accounts through a single unified interface, ensuring visibility and control at scale.

• Event Source Attribution

  Quickly identify which Check Point application was responsible for blocking or detecting a specific event, such as a URL, file, or connection attempt.

• Unified Log Terminology

  Events & AIOps harmonizes terminology across products to simplify investigations. For example, these actions are all referred to as Block in Events & AIOps:

  • Endpoint Security - Block or Prevent

  • Mobile Security - Block

  • Smart-1 Cloud - Drop

• Report Generation and Scheduling

  Generate PDF reports summarizing security activities.

  Reports can be:

  • Scheduled automatically (daily, weekly, monthly)

  • Delivered via email to stakeholders

  • Created for individual tenants or across MSP-managed environments

• Log Ingestion Dashboard

  Monitor and track log ingestion metrics and entitlement status per product through a dedicated dashboard. This helps to ensure:

  • Proper ingestion rates from various Check Point solutions

  • Visibility into quota consumption and entitlement usage

  • Early detection of ingestion or license issues