Pedro_Boavida
Contributor

SmartLog

Hi community,

SmartLog is very powerful and very nice for many purposes, but I'm missing some features that previously existed (on R77 and SmartView Tracker), namely:

When I open Log View, I see on the lower frame three tabs [ Connections, URLs, Files ]. However, as soon as there are some log entries retrieved, the Connections tab just disappears. As long as there are no entries, that tab actually lives...

I was expecting to see the query results timeline... is this deprecated?

Previously there was also some sort of indicator for database occupation metrics (disk information, indexes, other). It's not there anymore and it was useful.

If I need to perform some research / forensics through the logs, I find it hard to scroll through older logs. For example, if I set a filter with a specific time period of 1 hour and I get 1M entries as a result, how can I go to the oldest record? There is no jump to the end of the results. The retrieve window fetches 50 entries at a time, which is not suitable to go through all those logs (wondering if one can customize it). Also, there is no way to sort the time column in order to invert the results. Doing more strecht time windows is not so practical though.

At last, if I need to "import" an older log file that I saved a long time ago (and such data is not available anymore in the database), how can I do it? Should I rely on the CPlvg application or are there any other means?

I've tried to find answers and I went through some troubleshooting but didn't figure it out.

Regards,

PB

1 Reply
PhoneBoy
Admin

You note a few known issues above that we plan to address in later releases.

You can import older logs so they are indexed as noted in this thread: https://community.checkpoint.com/message/12803-smartlog-only-look-back-14-days-how-to-reindex-90-day... 

If you want to view an older log file without indexing it, SmartView Tracker is still present (as you noted) though it is no longer formally supported.
