I recently installed the Splunk Add-on for Check Point OSPEC LEA application (2.0.2), and my logs are being indexed. However, I'm finding these errors in my splunkd logs. Ideas?
05-24-2013 09:07:21.906 -0700 ERROR ExecProcessor - message from "/opt/splunk/etc/apps/Splunk_TA_opseclea_linux22/bin/lea-loggrabber.sh --configentity SENTINEL-ONE_audit" WARNING: Illegal entry in configuration file: SHOW_FIELDNAMES="yes"