This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
ABOUT CHECKMATES CYBER SECURITY COMMUNITY & FAQ
Create a Post
Help
cancel
Turn on suggestions
Showing results for 
Search instead for 
Did you mean: 

Are you a member of CheckMates?

×
Sign in with your Check Point UserCenter/PartnerMap account to access more great content and get a chance to win some Apple AirPods! If you don't have an account, create one now for free!
Matlu
Advisor
‎2024-01-10 06:19 AM

Automatic deletion of logs.

Hello,

What is the best way to "determine" if my SMS is deleting my oldest logs?

What we want to know is, if we can have a control over the logs, to avoid that the path where the logs are stored, fill up and saturate the SMS disk.

How many days by default does an SMS store logs when it has a Cluster attached to it?

Greetings.

0 Kudos
4 Replies
Chris_Atkinson
Employee Employee
Employee
‎2024-01-10 06:43 AM

Options exist within SmartConsole to control retention behavior, typically this is based on remaining space metrics either capacity threshold or percentage based.

Other metrics aren't so uniform and might vary significantly from one environment to the next based on logging rates / volume of managed gateways etc

CCSM R77/R80/ELITE
0 Kudos
Matlu
Advisor
‎2024-01-10 06:51 AM
In response to Chris_Atkinson

Hello,

I would like to find the oldest logs that are stored in my SMS, and be able to "export" them to an external device.

I understand that the oldest logs, I could see them in the route of
"cd /var/log/opt/CPsuite-R80/fw1/log", right?

We want to find a way, for example, that the SMS only stores the last 30 days of logs, and that after that time, it can "overwrite" them automatically, so that we have control over the storage.

0 Kudos
the_rock
Legend
Legend
‎2024-01-10 06:56 AM
In response to Matlu

Hey bro,

Links @G_W_Albrecht gave are amazing reference.

Best,

Andy

0 Kudos
G_W_Albrecht
Legend Legend
Legend
‎2024-01-10 06:47 AM

See https://community.checkpoint.com/t5/General-Topics/Define-log-retention/m-p/54642#M10915 for the settings. Manual check can be perfomed by looking into $FWDIR/log/ directory on Security Management Server.

 

CCSP - CCSE / CCTE / CTPS / CCME / CCSM Elite / SMB Specialist

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

View All ≫
Upcoming Events

    CheckMates Events
    Top