This website uses cookies. By browsing this website, you consent to the use of cookies. Learn more.
OK
ABOUT CHECKMATES & FAQ
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Create a Post
Help
Highlighted
peter_schumache
Nickel
‎2019-11-09 03:39 AM

How to filter syslog messages in Smartlog

I configured my gateway to send its syslog messages to the SmartCenter Server according to sk102995.

 

To view the syslog messages in Smrtview Tracker, is says:

"In SmartView Tracker log, the informational field will should show "...system daemons syslog_severity..."

There is no way to define a query (in R80.20) for the "informational" Field. There is a field "Information", but again, no query available.

What did I miss?

0 Kudos
Reply
3 Replies
Highlighted
FedericoMeiners
Silver
‎2019-11-09 04:13 AM

Re: How to filter syslog messages in Smartlog

How did you set this up? It seems that you made it the old way

On GWs R80.X you can go to the System Logging (Gateway, not management) section on the web user interface, once there you will find a check box to send syslog messages to the management server. Page 190 from admin guide:

https://dl3.checkpoint.com/paid/8d/8dbd7585030bbad76a1e65c3b458f74c/CP_R80.10_Gaia_AdminGuide.pdf?Ha...

After doing this try some failed and valid log ins to the configured gateway check the logs.

Hope it helps!

___

 

____________
https://www.linkedin.com/in/federicomeiners/
0 Kudos
Reply
Highlighted
peter_schumache
Nickel
‎2019-11-09 05:19 AM

Re: How to filter syslog messages in Smartlog

I did it the new way, saying "send syslogs to SmartCenter".

The problem lies in prooving it. How can I display in Smartlog ONLY the messages from syslog?

0 Kudos
Reply
Highlighted
D_W
Nickel
‎2019-11-12 07:45 AM

Re: How to filter syslog messages in Smartlog

Try to add "blade:syslog" in the query.

0 Kudos
Reply