- CheckMates
- :
- Products
- :
- General Topics
- :
- Cannot See firewall logs on SMS from gateways (R81...
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Mute
- Printer Friendly Page
Are you a member of CheckMates?
×- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Cannot See firewall logs on SMS from gateways (R81.20)
Hi,
I have an SMS hosted in a datacenter, and security gateways across two sites. The security gateways have been configured (via smart console) to send logs to the SMS. The gateways have monitor blades assigned to them and the SMS has the logging & Monitoring blade too, but I cannot see any firewall logs in smart console.
Please can someone guide me as to how i can get this set-up and working ? Log-indexing is also enabled.
Best Regards,
Sabeel
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Check if your GWs are logging locally or not. Also, do the following:
1. Please make sure you performed "Install Database" on your SMS after configuring the GWs.
2. I assume that SIC is working and you can install policy on both GW objects, which means the general connectivity is fine. However, please check it and reconfirm, just to be sure.
3. If logs are to be sent via WAN, check that you configured NAT for your SMS correctly. You may need to set up a dummy SMS object with a public IP.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hi,
I have installed the database on the SMS (successfully, with no errors), but still cant see firewall logs.
The SIC is working fine and traffic is passing the firewall fine, as it in production at the moment.
The traffic is passing through the WAN, but the WAN is private and the SMS and Gateways can communicate fine with each other.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Please check if your GWs are storing the logs locally. You can see the FW logs in $FWDIR/log folder.
Also, open a SmartView tracker (it is a legacy logging application available with your SmartConsole installation) and check if you can see logs there.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Which JHF version are used on the Gateway & Management?
See also:
sk112162: Security gateway logging issues
sk38848: Basic Workflow for Troubleshooting Logging
sk40090: Troubleshooting Check Point logging issues when Security Management Server / Log Server is not receiving logs from Security Gateway