Hello All,
I have a question about Splunk's App for Checkpoint OPSEC LEA from our firewall administrator. We currently ingest about 60GB/day of CP logs, but the admin only sees about 15GB/day of logs on his CP device. Why is there such a high discrepancy? As far as I can tell, the Splunk app is working as it should and we are not getting any errors.
Any thoughts?
thanks
ed
↧