AB136785
Explorer

Extended logging info in log export

Hi all,

We have Extended Logging enabled on a particular rule in our firewall. We want to extract URLs from traffic that matches that rule and make the decision to add them to our allowlist or not. However, when I export logs to CSV with our rule and timeframe of interest, the URLs that are shown in the "Session > Web Traffic > Resource (see pic below)" subsection of the connection are not shown in the log file, even with all columns enabled. I was unable to find anything to have this information show up in that log (or any other log), even though I have tried every logical search term that I can think of. Is there a setting that we're missing? Is there another way to get this information in a nice, orderly manner, perhaps with the Log Exporter? I am happy to read the documentation necessary, but right now I just cannot find _what_ I need exactly. Hope you guys are willing to point me in the right direction 🙂

Cheers,

AB

1900/2000 appliance, version R81.10, cannot find information on which take is installed. Application Control & URL Filtering blades are enabled.

5 Replies
Lesley
MVP Gold

Is it possible to share $EXPORTERDIR/targets/<Name of Log Exporter Configuration>/conf/FilterConfiguration.xml?

-------
Please press "Accept as Solution" if my post solved it 🙂
PhoneBoy
Admin

Original poster was exporting logs from SmartView, which likely does not contain all the log fields.
Changing that would likely require an RFE. 

Log Exporter is for sending logs to a SIEM, which is probably not what you're looking for here.
I believe SmartEvent can provide this information (with the right report).

AB136785
Explorer

Thank you both for the replies so far. Indeed, I was exporting logs using the Web SmartConsole, apologies for not clarifying that initially. All I'm looking for is a table/list of URLs that were visited in a specified timeframe by specific hosts, preferably with an easier method than manually going through the logs, clicking on the events of interest, and looking at the session info manually for every event I need. Since you're suggesting filing a Request for Enhancement, I take it that that functionality does not exist (yet).

I'll create the RFE. In the meantime, if anyone else has some suggestions to achieve this - or another method to specifically filter specific destinations and downloads - feel free to contribute.

PhoneBoy
Admin

If you don't mind getting your hands dirty, maybe you can pull the information from the API: https://sc1.checkpoint.com/documents/latest/APIs/index.html#cli/show-logs~v2.1%20

Lesley
MVP Gold

Ah, my mistake was thinking this was about Log Exporter.

