Create a Post
cancel
Showing results for 
Search instead for 
Did you mean: 
sabeelshakeel
Participant

Cannot See firewall logs on SMS from gateways (R81.20)

Hi, 

I have an SMS hosted in a datacenter,  and  security gateways across two sites. The security gateways have been configured (via smart console) to send logs to the SMS. The gateways have monitor blades assigned to them and the SMS has the logging & Monitoring blade too, but I cannot see any firewall logs in smart console.

Please can someone guide me as to how i can get this set-up and working ? Log-indexing is also enabled.

Best Regards,

Sabeel

 

0 Kudos
4 Replies
_Val_
Admin
Admin

Check if your GWs are logging locally or not. Also, do the following:

1. Please make sure you performed "Install Database" on your SMS after configuring the GWs.

2. I assume that SIC is working and you can install policy on both GW objects, which means the general connectivity is fine. However, please check it and reconfirm, just to be sure.

3. If logs are to be sent via WAN, check that you configured NAT for your SMS correctly. You may need to set up a dummy SMS object with a public IP.

 

0 Kudos
sabeelshakeel
Participant

Hi,

 

I have installed the database on the SMS (successfully, with no errors), but still cant see firewall logs.

 

The SIC is working fine and traffic is passing the firewall fine, as it in production at the moment.

The traffic is passing through the WAN, but the WAN is private and the SMS and Gateways can communicate fine with each other.

0 Kudos
_Val_
Admin
Admin

Please check if your GWs are storing the logs locally. You can see the FW logs in $FWDIR/log folder. 

Also, open a SmartView tracker (it is a legacy logging application available with your SmartConsole installation) and check if you can see logs there.

0 Kudos
Chris_Atkinson
Employee Employee
Employee

Which JHF version are used on the Gateway & Management?

 

See also:

sk112162: Security gateway logging issues

sk38848: Basic Workflow for Troubleshooting Logging

sk40090: Troubleshooting Check Point logging issues when Security Management Server / Log Server is not receiving logs from Security Gateway

CCSM R77/R80/ELITE
0 Kudos

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

Upcoming Events

    CheckMates Events