Wednesday, May 19, 2010

Resolving local logging issues on Checkpoint

If logs are not appearing in Smartview Tracker, they are probably logging locally.
To determine if logs are being stored locally on the gateway, go to $FWDIR/log.
Locate the fw.log file and see if it's size is incrementing. There may also be additional fw*.log files that have rolled over.
To resolve the issue, first try restarting the MLM (in a Provider environment or the Log Services in a Smartcenter Server environment).
Next, restart the firewall services on the gateway (fw kill fwd followed by fwd).
If that does not work, try restarting the firewall.

Once resolved, you can pull the stored logs from the gateway by running "fw fetchlog " from the log server. In R70, there is also an option to fetch logs in Smartview Tracker (Tools>Remote Files Mgmt)

Also check tcp port (257)is opened fro firewall to SmartCenter server.

No comments: