What I need to do is pull the Check Point logs from a Check Point device.
I have read that, in order to accomplish this, we have the following things:
The OPSEC LEA (Log Export API) provides the ability to pull logs from a Check Point device based on the OPSEC SDK. OPSEC LEA listens on port tcp/18184 on the device (OPSEC LEA Server) which will contain your logs. Your OPSEC LEA Client will then connect into 18184 and pull the logs.
So in order to run a LEA server, I installed a Check Point R75.20 on my VirtualBox. I don't know how to run the OPSEC LEA server on the Check Point R75.20 platform. I have read the documentation for R75.20 as well but could not get a hint on running the server.
Now after I run the lea-server, isn't it the OPSEC SDK that I will use to write an OPSEC LEA Client?
Thanks.
Yes, you want the OPSEC SDK found here.
You could also use the fw1-loggrabber which is probably a LOT easier.