- Products
- Learn
- Local User Groups
- Partners
- More
CheckMates Fifth Birthday
Celebrate with Us!
days
hours
minutes
seconds
Join the CHECKMATES Everywhere Competition
Submit your picture to win!
Check Point Proactive support
Free trial available for 90 Days!
As YOU DESERVE THE BEST SECURITY
Upgrade to our latest GA Jumbo
The 2022 MITRE Engenuity ATT&CK®
Evaluations Results Are In!
Now Available: SmartAwareness Security Training
Training Built to Educate and Engage
MITRE ATT&CK
Inside Check Point products!
CheckFlix!
All Videos In One Space
Hi,
Is there a practical way of exporting/query-ing for information regarding Endpoints with missing seats?
For example if an organization runs out of seats and the administrator would like to know which Endpoints operate at reduced functionality, what's a keyword to search for to produce a list?
Obviously purchasing adequate licenses ends up as a top priority, but for the sake of information gathering this knowledge may be good to have.
As far as I'm aware only the Threat Emulation blade produces periodic "enabled/disabled due to (in)valid license" messages and I've been able to produce such a list through a log query "blade:"threat emulation" disabled" and a bit of regex on the exported CSV.
But what's the plan when this blade isn't involved; for example with a local TE appliance or if the blade isn't installed on the Endpoint?
In general, what's the logic when assigning seats; is it first come first serve when it comes to "last contact with MGMT" or does it go by "Last deployment" statistics?
Regards,
Luka
Interesting question...curious to see if there is a way. To be honest, the only way I check those things for anything Check Point is with cplic print commands.
About CheckMates
Learn Check Point
Advanced Learning
YOU DESERVE THE BEST SECURITY