This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
ABOUT CHECKMATES CYBER SECURITY COMMUNITY & FAQ
Create a Post
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Are you a member of CheckMates?

×
Sign in with your Check Point UserCenter/PartnerMap account to access more great content and get a chance to win some Apple AirPods! If you don't have an account, create one now for free!
Simon_Macpherso
Advisor
‎2022-09-12 05:08 PM

Hit Counter Status

Hello,

We encountered an incident today whereby the hit counters on a specific policy were not working.

In Smart Console, the majority of rules reflected 0 hit count and if queried via a call to the mgmt. API, the rules would reflect 0 hits.

i.e. mgmt_cli show access-rulebase offset 11 limit 1 name "Network" details-level "standard" use-object-dictionary true show-hits true hits-settings.from-date "2022-09-11" hits-settings.to-date "2022-09-12T23:59" hits-settings.target "cluster01"  --format json

We upgraded the cluster this policy was applied to today – the hit counters are working post-upgrade.

I’ve reviewed sk79240 to get an understanding of the components involved that can impact this data.

We run automation against all policies for auditing unused rules that is based on the hit counter metric, so it’s critical the management server is receiving this data from all gateways.

We need to be able to monitor whether rule hit counters are incrementing as expected – do you have an existing script internally that we could use for this purpose?

Regards,

Simon

0 Kudos
1 Reply

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

View All ≫
Upcoming Events

    Sort by:
    CheckMates Events