1. Logsign Support Center
  2. Logsign Unified SecOps Platform
  3. Integration

Checkpoint Harmony integration via API

Updated

API Key / Client ID + Secret Creation

You must log into the Check Point Infinity Portal or the Harmony Endpoint management console.

Navigate to the API Keys (External API / Service API) section.

When creating a new API key, the Service / Product option must be set to Harmony Endpoint.

Once the API key is created, the system will provide the Client ID and Secret / Access Key.

These credentials will be used for API authentication (for example, when obtaining an access token).

 

API Key Permissions (Scopes)

For the API key to function correctly, the following permissions must be assigned:
    •    fetch assets
    •    fetch vulnerabilities
    •    fetch events / logs / incidents
    •    fetch remediation status / results
    •    fetch quarantine items

If the API key is created with only the “asset fetch” permission, it will only be able to retrieve device and vulnerability information.

To retrieve quarantine, remediation, or event/log data, the relevant “data fetch / read-only” permissions must be granted.

 

Endpoint Agent and Module Requirements

Having an API key alone is not sufficient for retrieving data.

The following conditions must be met:

Harmony Endpoint Agent / Client must be installed on all endpoint machines.

The following protection modules must be enabled on the agent:
    •    Malware / Anti-Malware
    •    Forensics
    •    Quarantine
    •    Remediation
    •    Vulnerability Management

All of these modules must be licensed and active.

If these modules are not active, the relevant data types cannot be retrieved through the API.

 

Log Collection and Centralized Log Management

To retrieve logs via the API (events, quarantine, remediation, anti-malware, etc.):

The Log Collection / Central Logging feature must be enabled in the management console.

In the Harmony Endpoint Logs section, logs coming from endpoint devices must be visible.

If logs are not visible in the portal, they cannot be retrieved via the API.

Ensure that the log collection infrastructure is properly enabled before attempting API log queries.

 

Configure Integration in Logsign USO

Log in to your Logsign USO instance.

Go to Data Sources → Add New → API → Checkpoint Harmony

Enter the following fields:

  • API Key
  • Client ID
Was this article helpful?
0 out of 0 found this helpful

Articles in this section

See more
Become a Certified Logsign User/Administrator
Sign-up for Logsign Academy and take the courses to learn about Logsign USO Platform in detail. Enjoy the courses, and get your badges and certificates. In these courses, you'll learn how to use Logsign in your work and add value to your career.
Visit Our Blog
Our Logsign USO Platform illustrate our expertise. So do the blog. Through our blog posts, deepen your knowledge on various SecOps topics or get updated about important news & modern approaches for cybersecurity. Get into the habit of reading valuable information provided by Logsign. Be a step ahead.