The correct answer isD. SmartEvent can analyze historical logs by usingOffline Jobs. Check Point’s R82 Logging and Monitoring Administration Guide states that SmartEvent system administration includes creating offline jobs to analyze historical log files. This is the proper mechanism when the administrator wants SmartEvent correlation to process logs that were already generated instead of only evaluating new incoming logs. Option A is wrong because CPLogInvestigator is not the standard SmartEvent feature named in R82 for this task. Option B is wrong because SmartEvent is not limited to only newly arriving logs; Check Point documents offline log import/analysis. Option C describes the idea in informal wording, but the official feature name tested by the question isOffline Job. Operationally, offline jobs are useful during deployment, incident review, or after changing Event Policy settings because they allow historical log data to be processed for event generation and analysis. Reference topic:System Administration / Importing Offline Log Files / Offline Jobs.
========
Contribute your Thoughts:
Chosen Answer:
This is a voting comment (?). You can switch to a simple comment. It is better to Upvote an existing comment if you don't have anything to add.
Submit