cancel
Showing results for 
Search instead for 
Did you mean: 
Create a Post
TAEKBOM_Kim
Nickel

How to check interfaces operation failure(down) log with GUI

Jump to solution

Hi~ All.
Our customer wants to know how to check interfaces operation failure(down) log with GUI.
Most of firewalls(Palo Alto, Fortigate, SECUI...etc) can check operation failure(down) log with GUI.

But check point can't do it...

Am I missing something?

Is there anyone knows how to check interfaces operation failure(down) log with GUI.


Our customer has got a 15600-gateway. (Version R80.10)

1 Solution

Accepted Solutions

Re: How to check interfaces operation failure(down) log with GUI

Jump to solution

Good point for RFE ... customers dont want to spend 30 minutes searching in logs ... They want to see statistics for interface flapping in one click. 

As all flaps are logged in /var/log/messages/ it cannot be such a deal to transfer it to some command (show interface <NAME> link-status) or WebUI.

Kind regards,
Jozko Mrkvicka
17 Replies

Re: How to check interfaces up-down log with GUI

Jump to solution

There is much information available for interface states in the Cluster Logs. Without Clustering, SysLog contains it or SNMP can be used - but both do not show in CP GUI.

0 Kudos
TAEKBOM_Kim
Nickel

Re: How to check interfaces up-down log with GUI

Jump to solution

Cluster logs in CP GUI??

Could you let me know where is the Cluster logs pasth?

thank you.

0 Kudos

Re: How to check interfaces up-down log with GUI

Jump to solution

In Dashboard, the logs can be viewed. In old times, it was SmartView Tracker and to see cluster logs:

- #Go to the right-most column "Information"

- #Right click on the name of the column

- #Click on "Edit filter"

- #Under "Specific" choose "Contains"

- #In "Text" type the word "cluster_info" (do not check any boxes)

- #Click on "OK"

You can start it for R80.10 as C:\Program Files (x86)\CheckPoint\SmartConsole\R80.10\PROGRAM\CPlgv.exe

0 Kudos
TAEKBOM_Kim
Nickel

Re: How to check interfaces operation failure(down) log with GUI

Jump to solution

It does not work....

I think it supoorts only the clustering configuration.

Thank you for your advice.

0 Kudos

Re: How to check interfaces operation failure(down) log with GUI

Jump to solution

Yes, that was what i wrote - but as a single GW is not the best security solution (to put it mildly), clustering is very common.

0 Kudos
TAEKBOM_Kim
Nickel

Re: How to check interfaces operation failure(down) log with GUI

Jump to solution

Okay! I will consider it. 

Thank you for your advice.

0 Kudos
Admin
Admin

Re: How to check interfaces up-down log with GUI

Jump to solution

Gaia WebUI?

0 Kudos
TAEKBOM_Kim
Nickel

Re: How to check interfaces up-down log with GUI

Jump to solution

Hi~ Dameon Welch Abernathy.

Our client wants to know history of interface down log in GUI.

Example.

1) Interface Operation Failure enable

2) Filter => time=between(20180817000000-20180817235959) description=contains(eth1)

It is a feature provided by most firewalls.

It is useful information for fault analysis.

But Check Point is not support.... ㅠ.ㅠ

Re: How to check interfaces operation failure(down) log with GUI

Jump to solution

There are several options to look for such information:

1. /var/log/messages file on the appliance, look for interface related info. Mind the logs are rotated, so you might need some scripting to keep the history record of required depth. 

2. SNMP Monitoring. If you are using external SNMP monitoring system, you can create required reports there.

Admin
Admin

Re: How to check interfaces operation failure(down) log with GUI

Jump to solution

The information can be uncovered, just not in the WebUI.

In R80.20, we are simplifying/adding some information into our CLI commands specifically related to clustering, but I'm not sure we are adding this information into the WebUI.

In any case, it's useful feedback and something to be considered for later releases.

0 Kudos

Re: How to check interfaces operation failure(down) log with GUI

Jump to solution

Good point for RFE ... customers dont want to spend 30 minutes searching in logs ... They want to see statistics for interface flapping in one click. 

As all flaps are logged in /var/log/messages/ it cannot be such a deal to transfer it to some command (show interface <NAME> link-status) or WebUI.

Kind regards,
Jozko Mrkvicka

Re: How to check interfaces operation failure(down) log with GUI

Jump to solution

This is also sent as SysLog afaik...

0 Kudos

Re: How to check interfaces operation failure(down) log with GUI

Jump to solution

RFE point taken, but I am pretty sure this will not make it very high on the priority list.

You can also easily script it without asking Check Point R&D to do it for you. It is a three line script, right? 🙂

0 Kudos

Re: How to check interfaces operation failure(down) log with GUI

Jump to solution

Are you really shure that RFE is the correct answer to your question ? I would mark the comment from Valeri Loukine as the correct answer - requesting a new feature does not provide any immediate help ! And yes, SysLog is a poor mans solution here, SNMP is the standard...

0 Kudos

Re: How to check interfaces operation failure(down) log with GUI

Jump to solution

Günther W. Albrecht‌, it is okay if the topic starter like the other comment better. I am okay with that as long as we provide guidance for finding a solution

0 Kudos

Re: How to check interfaces operation failure(down) log with GUI

Jump to solution

Yes, it is o.k. with me, too - still i personally think that the mark is "correct answer" not "comment liked best", but everyone as he likes...

Re: How to check interfaces operation failure(down) log with GUI

Jump to solution

What is severity and facility of those messages related to interface down ? Isnt it just "notice" ?

Kind regards,
Jozko Mrkvicka
0 Kudos