Create a Post
Showing results for 
Search instead for 
Did you mean: 

Endpoint Security Licensing


Is there a practical way of exporting/query-ing for information regarding Endpoints with missing seats?
For example if an organization runs out of seats and the administrator would like to know which Endpoints operate at reduced functionality, what's a keyword to search for to produce a list?

Obviously purchasing adequate licenses ends up as a top priority, but for the sake of information gathering this knowledge may be good to have.

As far as I'm aware only the Threat Emulation blade produces periodic "enabled/disabled due to (in)valid license" messages and I've been able to produce such a list through a log query "blade:"threat emulation" disabled" and a bit of regex on the exported CSV.

But what's the plan when this blade isn't involved; for example with a local TE appliance or if the blade isn't installed on the Endpoint?

In general, what's the logic when assigning seats; is it first come first serve when it comes to "last contact with MGMT" or does it go by "Last deployment" statistics?



0 Kudos
1 Reply

Interesting question...curious to see if there is a way. To be honest, the only way I check those things for anything Check Point is with cplic print commands.

0 Kudos


Epsum factorial non deposit quid pro quo hic escorol.

Upcoming Events

    CheckMates Events