https://community.checkpoint.com/t5/Firewall-and-Security-Management/Thread-Emulation-get-prevented-file-from-Threat-Cloud/m-p/131451#M19374 <P>Hi PhoneBoy,</P><P>thanks for your comment. I only have one log entry about the block event and it's the thread emulation blade. In the log I don't have a field with file-id...</P> Mon, 11 Oct 2021 06:25:06 GMT BB-MDK 2021-10-11T06:25:06Z https://community.checkpoint.com/t5/Firewall-and-Security-Management/Thread-Emulation-get-prevented-file-from-Threat-Cloud/m-p/131273#M19339 <P>Hey guys,</P><P>is it possible to get a file from Check Point Threat Cloud which has been prevented by TE?</P><P>Maybe something similar to the CLI command "scrub send_orig_file"?</P><P>Or is it only possible to create an exception and let the file be sent again?</P><P>&nbsp;</P><P>Thanks and Kind Regards</P> Thu, 07 Oct 2021 11:59:50 GMT https://community.checkpoint.com/t5/Firewall-and-Security-Management/Thread-Emulation-get-prevented-file-from-Threat-Cloud/m-p/131273#M19339 BB-MDK 2021-10-07T11:59:50Z https://community.checkpoint.com/t5/Firewall-and-Security-Management/Thread-Emulation-get-prevented-file-from-Threat-Cloud/m-p/131424#M19371 <P>I believe scrub send_orig_file will still work even when emulation is done in the cloud as the file should be stored on the gateway that preventing it.</P> Sun, 10 Oct 2021 04:42:44 GMT https://community.checkpoint.com/t5/Firewall-and-Security-Management/Thread-Emulation-get-prevented-file-from-Threat-Cloud/m-p/131424#M19371 PhoneBoy 2021-10-10T04:42:44Z https://community.checkpoint.com/t5/Firewall-and-Security-Management/Thread-Emulation-get-prevented-file-from-Threat-Cloud/m-p/131451#M19374 <P>Hi PhoneBoy,</P><P>thanks for your comment. I only have one log entry about the block event and it's the thread emulation blade. In the log I don't have a field with file-id...</P> Mon, 11 Oct 2021 06:25:06 GMT https://community.checkpoint.com/t5/Firewall-and-Security-Management/Thread-Emulation-get-prevented-file-from-Threat-Cloud/m-p/131451#M19374 BB-MDK 2021-10-11T06:25:06Z https://community.checkpoint.com/t5/Firewall-and-Security-Management/Thread-Emulation-get-prevented-file-from-Threat-Cloud/m-p/131453#M19375 <P>Can you provide a log card?<BR />Redact any sensitive details of course.</P> Mon, 11 Oct 2021 06:46:52 GMT https://community.checkpoint.com/t5/Firewall-and-Security-Management/Thread-Emulation-get-prevented-file-from-Threat-Cloud/m-p/131453#M19375 PhoneBoy 2021-10-11T06:46:52Z https://community.checkpoint.com/t5/Firewall-and-Security-Management/Thread-Emulation-get-prevented-file-from-Threat-Cloud/m-p/131457#M19376 <P>Sure - there you go</P><P><span class="lia-inline-image-display-wrapper lia-image-align-inline" image-alt="te.jpg" style="width: 999px;"><img src="https://community.checkpoint.com/t5/image/serverpage/image-id/13944i8BA5417167A18893/image-size/large?v=v2&amp;px=999" role="button" title="te.jpg" alt="te.jpg" /></span></P><P>&nbsp;</P> Mon, 11 Oct 2021 06:54:49 GMT https://community.checkpoint.com/t5/Firewall-and-Security-Management/Thread-Emulation-get-prevented-file-from-Threat-Cloud/m-p/131457#M19376 BB-MDK 2021-10-11T06:54:49Z https://community.checkpoint.com/t5/Firewall-and-Security-Management/Thread-Emulation-get-prevented-file-from-Threat-Cloud/m-p/131460#M19377 <P>I wonder if you can see the fileid in&nbsp;<SPAN>/var/log/maillog&nbsp;</SPAN></P> Mon, 11 Oct 2021 07:04:56 GMT https://community.checkpoint.com/t5/Firewall-and-Security-Management/Thread-Emulation-get-prevented-file-from-Threat-Cloud/m-p/131460#M19377 PhoneBoy 2021-10-11T07:04:56Z