Create a Post
cancel
Showing results for 
Search instead for 
Did you mean: 
Ihenock1011
Advisor
Jump to solution

Log retain policy for CP

Hi All,

I have checkpoint security gateway r81.10 and also dedicated log server I want to know the default log retention policy for checkpoint logs. Until when will the log remain on the server, and where exactly can we find the older log files?

Thanks,

0 Kudos
1 Solution

Accepted Solutions
PhoneBoy
Admin
Admin

You configure the Retention Policy on the relevant management/log server object.
These are the defaults from the R82 EA, but it's similar in other versions:

image.png

Logs outside of this configured criteria are deleted.
The files in $FWDIR/log need to be copied off to a separate system if you wish to keep them for longer.
Note that are multiple log files (e.g. log-file-name.log*) and all the files are needed.

View solution in original post

4 Replies
Chris_Atkinson
Employee Employee
Employee

It's typically a little more involved if you are asking for a "time" metric

What is the log rate and how much storage / space does the log server have?

CCSM R77/R80/ELITE
0 Kudos
the_rock
Legend
Legend

I am pretty sure if no settings are changed on the log server itself, it would only start deleting old log files once disk space is full. By default, it rotates to new log file every night at midnight, or when log file reaches 2 GB in size, whichever comes first.

Those are stored in $FWDIR/log directory on the mgmt server.

I will send you some screenshots shortly from R81.20 lab. Version does not matter, its been the same way for probably 20+ years now.

Andy

the_rock
Legend
Legend

Hopefully screenshots attached in word doc help.

Andy

0 Kudos
PhoneBoy
Admin
Admin

You configure the Retention Policy on the relevant management/log server object.
These are the defaults from the R82 EA, but it's similar in other versions:

image.png

Logs outside of this configured criteria are deleted.
The files in $FWDIR/log need to be copied off to a separate system if you wish to keep them for longer.
Note that are multiple log files (e.g. log-file-name.log*) and all the files are needed.

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

Upcoming Events

    CheckMates Events