Log size in Splunk is much larger than in Checkpoint

HurricaneLabs / TA-checkpoint-cef

Add on for the Check Point Log Exporter to function with Splunk

3 stars 2 forks source link

Log size in Splunk is much larger than in Checkpoint #4

Open wphyllis opened 5 years ago

wphyllis commented 5 years ago

We have used Add-on for Check Point Log Exporter (CEF) to get log from Checkpoint A80.20 to Splunk. The daily log size in Checkpoint is around 2G and the size in Splunk is around 7G. We want to understand if this is normal and why?

goyowestcon commented 1 year ago

Hello. Did you find out the cause of this issue? Thanks