Is this for Gaia API connections or Management API?  It looks like the Management API.

Yeah, just realized a few minutes ago I misunderstood the question. Can't seem to edit or delete my post, which is fun.

https://sc1.checkpoint.com/documents/latest/GaiaAPIs/index.html#introduction~v1.6%20

We don't have native API call for showing sessions.

You can see how many sessions you have with gaia_api status:

# gaia_api status

API Status:
---------------------
Build: cp991255050
Uptime: 0:07:45
Current Sessions: 0
Latest Version: 1.6

From poking at this for a few minutes, I can see /var/log/gaia_api_server.log contains interesting data:

17/06/22 15:50:30: MainThread: infra.urlGeneratorIS: DEBUG: Handle request: <class 'requests.sessions.LoginRequest'>
17/06/22 15:50:30: MainThread: infra.urlGeneratorIS: DEBUG: Execute validators
17/06/22 15:50:30: MainThread: infra.urlGeneratorIS: DEBUG: requestData = {'user': 'admin', 'password': '1qaz!QAZ'}
17/06/22 15:50:30: MainThread: validate: DEBUG: _validate json = {'user': 'admin', 'password': '1qaz!QAZ'}
17/06/22 15:50:30: MainThread: infra.urlGeneratorIS: DEBUG: All Active type: {'user': 'non_empty_ascii', 'password': 'non_empty_ascii'}
17/06/22 15:50:30: MainThread: infra.urlGeneratorIS: DEBUG: Verify permissions
17/06/22 15:50:30: MainThread: infra.pipeline: DEBUG: Execute commit function for class <class 'requests.sessions.LoginRequest'>
17/06/22 15:50:31: MainThread: infra.pipeline: DEBUG: Handling output
17/06/22 15:50:31: MainThread: objects.sessions: INFO: Remote authentication succeed for user:admin
17/06/22 15:50:31: MainThread: app: INFO: Request for endpoint /v1.6/login [method: POST], for source 10.0.3.18, SUCCEEDED [duration 329ms]

17/06/22 15:50:46: MainThread: infra.urlGeneratorIS: DEBUG: Handle request: <class 'requests.sessions.LogoutRequest'>
17/06/22 15:50:46: MainThread: infra.urlGeneratorIS: DEBUG: Execute validators
17/06/22 15:50:46: MainThread: infra.urlGeneratorIS: DEBUG: requestData = {}
17/06/22 15:50:46: MainThread: validate: DEBUG: _validate json = {}
17/06/22 15:50:46: MainThread: infra.urlGeneratorIS: DEBUG: All Active type: {}
17/06/22 15:50:46: MainThread: infra.urlGeneratorIS: DEBUG: Verify permissions
17/06/22 15:50:46: MainThread: infra.pipeline: DEBUG: Execute commit function for class <class 'requests.sessions.LogoutRequest'>
17/06/22 15:50:46: MainThread: infra.pipeline: DEBUG: Instantiate response class
17/06/22 15:50:46: MainThread: app: INFO: Request for endpoint /v1.6/logout [method: POST], for source 10.0.3.18, SUCCEEDED [duration 10ms]

I added a newline between the login and logout. Logins record when the user authentication works, but no unique session identifier. Logouts don't record who logged out or any kind of session identifier. Passwords are recorded in cleartext (twice!), which is ... not great.

/var/log/audit/audit.log shows logins, but no session identifier and no logouts.