---
# Package manifest for the Check Point integration (collected by Elastic Agent).
# Identity and release metadata.
name: checkpoint
title: Check Point
version: "1.17.0"
release: ga
description: Collect logs from Check Point with Elastic Agent.
type: integration
format_version: 1.0.0
license: basic

# Categories the package is listed under.
categories:
  - security
  - network
  - firewall_security

# Compatibility constraint: the Kibana version must satisfy this range.
conditions:
  kibana.version: "^8.6.0"
# Logo asset for the package.
icons:
  - src: /img/checkpoint-logo.svg
    title: Check Point
    size: 761x341
    type: image/svg+xml
# Dashboard screenshots shipped with the package, one entry per image.
screenshots:
  - src: /img/overview.png
    title: Check Point - Overview
    size: 1024x1076
    type: image/png

  - src: /img/addresses_and_ports.png
    title: Check Point - Addresses and Ports
    size: 1024x1076
    type: image/png

  - src: /img/time_and_traffic.png
    title: Check Point - Time and Traffic
    size: 1024x798
    type: image/png

  - src: /img/time_and_place.png
    title: Check Point - Time and Place
    size: 1024x1041
    type: image/png
# Single policy template offering three ways to receive Check Point firewall
# logs: reading files, a TCP syslog listener, or a UDP syslog listener.
policy_templates:
  - name: checkpoint
    title: Check Point logs
    description: Collect logs from Check Point instances
    inputs:
      # File input: reads logs from the paths the operator supplies.
      - type: logfile
        title: "Collect Check Point firewall logs (input: logfile)"
        description: "Collecting firewall logs from Check Point instances (input: logfile)"
        vars:
          # No default is declared; the operator must supply at least one path.
          - name: paths
            type: text
            title: Paths
            multi: true
            required: true
            show_user: true
          # Zone names are hidden from the basic form (show_user: false).
          # presumably used to classify traffic direction; confirm in the
          # data stream pipeline.
          - name: internal_zones
            type: text
            title: Internal Zones
            multi: true
            required: false
            show_user: false
            default:
              - trust
          - name: external_zones
            type: text
            title: External Zones
            multi: true
            required: false
            show_user: false
            default:
              - untrust

      # TCP syslog listener. syslog_host defaults to localhost, so with the
      # defaults the listener is presumably reachable from the local host only.
      # NOTE(review): no TLS or sender-authentication variable is declared for
      # this input in this file. If syslog_host is changed to a routable
      # address, confirm how the transport is protected and restrict which
      # senders can reach the port (host or network firewall).
      - type: tcp
        title: "Collect Check Point firewall logs (input: tcp)"
        description: "Collecting firewall logs from Check Point instances (input: tcp)"
        vars:
          - name: syslog_host
            type: text
            title: Syslog Host
            multi: false
            required: true
            show_user: true
            default: localhost
          - name: syslog_port
            type: integer
            title: Syslog Port
            multi: false
            required: true
            show_user: true
            default: 9001
          # NOTE(review): unlike the logfile input, no default is declared for
          # the zone variables here; confirm that is intended.
          - name: internal_zones
            type: text
            title: Internal Zones
            multi: true
            required: false
            show_user: false
          - name: external_zones
            type: text
            title: External Zones
            multi: true
            required: false
            show_user: false

      # UDP syslog listener, same variables and defaults as the TCP input.
      # UDP source addresses are not authenticated, so any host that can reach
      # the port can submit forged events; keep the listener on a trusted
      # segment and filter senders upstream if syslog_host is moved off
      # localhost.
      - type: udp
        title: "Collect Check Point firewall logs (input: udp)"
        description: "Collecting firewall logs from Check Point instances (input: udp)"
        vars:
          - name: syslog_host
            type: text
            title: Syslog Host
            multi: false
            required: true
            show_user: true
            default: localhost
          - name: syslog_port
            type: integer
            title: Syslog Port
            multi: false
            required: true
            show_user: true
            default: 9001
          # NOTE(review): no default is declared for the zone variables here,
          # unlike the logfile input; confirm that is intended.
          - name: internal_zones
            type: text
            title: Internal Zones
            multi: true
            required: false
            show_user: false
          - name: external_zones
            type: text
            title: External Zones
            multi: true
            required: false
            show_user: false
# GitHub team recorded as the package owner.
owner:
  github: elastic/security-external-integrations