cancel
Showing results for 
Search instead for 
Did you mean: 
Post a Question

fwlog for R77.30

Hi CheckMates,

I am checking how to operate CheckPoint appliances of R77.30.
Please tell me the operation method below.

1. What is the command to check the default log storage capacity?

2. Can it adjust the log retention period?

3. How do I set log rotation?

4. How do I transfer logs to an external server?

Best,

Suguru

3 Replies
Admin
Admin

Re: fwlog for R77.30

The amount of storage you have is a function of the size of your /var/log partition on your appliance/VM.

[Expert@Mgmt:0]# df
Filesystem                      1K-blocks     Used Available Use% Mounted on
/dev/mapper/vg_splat-lv_current  31995824 20655304   9715228  69% /
/dev/sda1                          295561    37378    242923  14% /boot
tmpfs                             8151708        4   8151704   1% /dev/shm
/dev/mapper/vg_splat-lv_log     182833140 80374712  93021244  47% /var/log

Log retention period is a function of disk space, not necessarily time (though you can age log indexes based on # of days).

Logs can be rotated on either a size basis (up to 2GB) or time basis (note in R80.x this happens at midnight daily).

Both are configured here:

Logs are stored in $FWDIR/log on Management or Log server (depending on your configuration) and can be transferred to another system with standard Linux file transfer tools. 

Re: fwlog for R77.30

Hi Dameon,

Thank you for your information.

Best,

Suguru

0 Kudos
Jerry
Gold

Re: fwlog for R77.30

also

you can check that sk for the maintenance of the logs and its storage capacity + sanity check with clean-up procedures, hope you find it helpful Smiley Happy

sk33306 (wonder why I cannot  find it having an expert mode on UC?)

look at and watch out at the following spaces:

$CPDIR/log

$FWDIR/log

/var/CPbackup

/var/CPsnapshot

also search (once you have got some disk space issues) for so called "core files" by issuing a command

find  / -name "core"

you may find lots of useless (at this stage) files which can be safely removed Smiley Happy

Good luck!

--jerry--

Jerry