Table of Contents
Advertisement
Appliance Configuration
Logs and Monitoring
This section describes the security and system logs. It also describes various monitoring tools.
Viewing Security Logs
The Logs & Monitoring > Security Logs page lets you browse the last 100 log records.
These logs are sent to SmartView tracker, but are also available on this page. Note that the
number of logs shown is not configurable, and is not related to the SmartDashboard setting "GW
properties > Logs and alert > Max log size..." (This setting only applies to logs that are saved by the
gateway when the Security Management Server cannot be reached).
To search for a security log:
Enter your query in the Enter search query box.
Use this syntax:
<IP_address>
or
<column_name>:<value>
For example:
203.0.113.64
or
action:drop
or
source port:22
For more details, click Query Syntax in the table header.
To see the security log record:
1. Select a log entry from the list.
2. Click View Details or double-click the entry.
The log record opens.
To refresh the security log data:
Click the refresh icon
.
To stop local logging:
You can stop local logging to remove the overhead to create and maintain logs to improve
performance. No new logs are generated until you set the resume option.
1. Select Options > Stop local logging.
2. To resume, select Options > Resume local logging.
Logs can be stored centrally or locally. Logs can be stored locally on the appliance's
non-persistent memory or on an external SD card (persistent). When you insert an SD card, it
mounts automatically and then local logs are saved to it. Before you eject an SD card, make sure
to unmount it. Select Options > Eject SD card safely.
Check Point 1100/1200R/1400 Appliances Centrally Managed Administration Guide R77.20.70
|
106
Advertisement
Table of Contents
