https://community.checkpoint.com/t5/Cloud-Firewall/AWS-Auto-scaling-groups-and-logging/m-p/126069#M1390 <P>Our environment:</P><P>MDS - R81 JHT23<BR />Dedicated MLM/CLM - R81 JHT23<BR />Cloudguard Gateways in AWS - R80.40 / Autoscaling / GWLB</P><P>I have observed that when AWS provisions a gateway, the CME does all of its work beautifully.&nbsp; It brings the gateway into the respective CMA, provisions it and brings it into production.&nbsp; And we're using auto-configuration scripts to setup all the base configuration stuff (passwords, snmp, ntp, so-on-and-so-forth).&nbsp; It all works great!</P><P>But.&nbsp; The CME appears to miss one step - installing database after the new gateways are online.</P><P>When a new gateway comes on line, it seems to be logging that data to the correct CLM.&nbsp; But any searches on the logs for traffic a given AWS gateway is transiting returns nothing until I do a manual database install.&nbsp; I tried using specific source/destination IP's and even using the origin of the gateway in question to do searches.&nbsp; Nadda until the database is installed.&nbsp; Then it works great.</P><P>Any chance that can get investigated?&nbsp; Please?&nbsp; With a side of Direct Connect on top?</P><P>In my happy little world, that's something the CME process should take care of.</P><P>&nbsp;</P> Mon, 09 Aug 2021 15:20:18 GMT Tommy_Forrest 2021-08-09T15:20:18Z https://community.checkpoint.com/t5/Cloud-Firewall/AWS-Auto-scaling-groups-and-logging/m-p/126069#M1390 <P>Our environment:</P><P>MDS - R81 JHT23<BR />Dedicated MLM/CLM - R81 JHT23<BR />Cloudguard Gateways in AWS - R80.40 / Autoscaling / GWLB</P><P>I have observed that when AWS provisions a gateway, the CME does all of its work beautifully.&nbsp; It brings the gateway into the respective CMA, provisions it and brings it into production.&nbsp; And we're using auto-configuration scripts to setup all the base configuration stuff (passwords, snmp, ntp, so-on-and-so-forth).&nbsp; It all works great!</P><P>But.&nbsp; The CME appears to miss one step - installing database after the new gateways are online.</P><P>When a new gateway comes on line, it seems to be logging that data to the correct CLM.&nbsp; But any searches on the logs for traffic a given AWS gateway is transiting returns nothing until I do a manual database install.&nbsp; I tried using specific source/destination IP's and even using the origin of the gateway in question to do searches.&nbsp; Nadda until the database is installed.&nbsp; Then it works great.</P><P>Any chance that can get investigated?&nbsp; Please?&nbsp; With a side of Direct Connect on top?</P><P>In my happy little world, that's something the CME process should take care of.</P><P>&nbsp;</P> Mon, 09 Aug 2021 15:20:18 GMT https://community.checkpoint.com/t5/Cloud-Firewall/AWS-Auto-scaling-groups-and-logging/m-p/126069#M1390 Tommy_Forrest 2021-08-09T15:20:18Z https://community.checkpoint.com/t5/Cloud-Firewall/AWS-Auto-scaling-groups-and-logging/m-p/126087#M1391 <P>Hello <a href="https://community.checkpoint.com/t5/user/viewprofilepage/user-id/10886">@Tommy_Forrest</a>,<BR />Described configuration should work without installing DB<BR />Do you have a SR opened for this issue?<BR />If not I suggest to open SR and share it with me over private massage<BR />In the SR please attach logs gathered by the CME Log Collector (see <A href="https://sc1.checkpoint.com/documents/IaaS/WebAdminGuides/EN/CP_CME/Default.htm?cshid=ID011" target="_blank" rel="noopener">https://sc1.checkpoint.com/documents/IaaS/WebAdminGuides/EN/CP_CME/Default.htm?cshid=ID011</A> (This link was edited by Check Point on 19 Dec 2021))<BR /><BR />Thanks,<BR />Roman</P> Sun, 19 Dec 2021 13:08:29 GMT https://community.checkpoint.com/t5/Cloud-Firewall/AWS-Auto-scaling-groups-and-logging/m-p/126087#M1391 Roman_Kats 2021-12-19T13:08:29Z https://community.checkpoint.com/t5/Cloud-Firewall/AWS-Auto-scaling-groups-and-logging/m-p/128161#M1392 <P>Updating this thread in case anyone finds this in a web search - R&amp;D did discover that install database wasn't getting done and they're looking into fixing CME to address this issue in a future release.</P> Thu, 26 Aug 2021 18:37:46 GMT https://community.checkpoint.com/t5/Cloud-Firewall/AWS-Auto-scaling-groups-and-logging/m-p/128161#M1392 Tommy_Forrest 2021-08-26T18:37:46Z