Hello Mates,

Long story short, I had a smartEvent VM taking dust in R80.10, still configured in a R77.30 old CMA not in use anymore.

I’ve upgraded the VM in R81.10 and configured it in a new CMA (also in R81.10) as specified in the documentation https://sc1.checkpoint.com/documents/R81/WebAdminGuides/EN/CP_R81_LoggingAndMonitoring_AdminGuide/To... .

First, I couldn’t install the policy but the sk https://support.checkpoint.com/results/sk/sk113127 helped with it.

Now, policy is installed but I have the error message below while looking for the logs:

And in the CMA, the smartEvent object is in error with this message: “Error (CPSEMD not running)”

Management seems up and running on the VM, and the SmartEvent blades enable:

[Expert@SmartEvent:0]# /opt/CPsuite-R81.10/fw1/scripts/cpm_status.sh   

Check Point Security Management Server is running and ready

[Expert@SmartEvent:0]# evconfig

Please select the installation you would like to update

1) SmartReporter.                       (disabled, select to enable)

2) SmartEvent Server.                   (enabled, select to disable)

3) SmartEvent Correlation Unit.         (enabled, select to disable)

4) SmartEvent Intro.            (disabled, select to enable)

5) SmartEvent Intro Correlation Unit.   (enabled, select to disable)

Tried cpstop/cpstart and reboot but I keep having the error. cpsemd.elg is spammed with the messages below:

[CPSEMD 13615 4054460480]@SmartEvent[5 Feb 14:38:08] CDBConfiguration::RefreshStatus() - Failed to calculate available DB max size.
[CPSEMD 13615 4054460480]@SmartEvent[5 Feb 14:38:13] CRFLStatusFetcher::HandleResultFailed - CRFLStatusFetcher::HandleResult() - The reply from RFL is empty (status: 0)

Do you have a clue on what could be wrong with CPSEMD ?

Thanks!