- Products
- Learn
- Local User Groups
- Partners
- More
On-Premise SD-WAN Management
Register HereWhat's New in R82.10?
Watch Here AI Security Masters E8:
Claude Mythos: New Era in Cyber Security
CheckMates Go:
The Moment Before
Hello All,
I was generating a report for one of our domains, and I could see that the report returned too few data compared to the logs on the same timespan. In comparison, for another domain that we also have, the report showed all the expected data. Have you already faced something like this? I tried to generate the logs both on SmartView and SmartConsole and the outcome was the same, removed any filters but still the behavior continues. This is a multidomain environment, and these two domains I mentioned are managed by the same Manager.
Attached are some screenshots showing the issue. They were all filtered for the last 24 hours and on that example, the host with the Brazil's flag on the report returned 1 log but on the logs view returned much more
Version/JHF of management?
What is the nature of the rules related to the traffic you're trying to run reports on?
Specifically, are they rules that involve Applications (versus Services)?
Hello PhoneBoy,
The version is R81.10 JHF take 150. The report in this case is the Network Activity standard report that came with the box, it's being used to get details from the firewall blade and firewall rules
I found in the lab, since I run dedicated smart event, there were way more options when I upgraded to R81.20 originally. Now, its on jumbo 76, so definitely something to think about.
If there is specific report you want me to test, please let me know.
Andy
Firewall Blade meaning only simple TCP/UDP services in your rulebase, correct?
Activity with these rules are not indexed by SmartEvent by default.
Ensure that firewall sessions are enabled on the various rules by right-clicking on the Track field and enabling the appropriate checkbox.
Hello Guys,
Thanks for the reply.
That's right, the report that I'm trying to generate are using the rule based on TCP/UDP ports
I've checked here, most of the rules are with the log option enabled. I could see that some of the options you have checked I don't have, however I could see on the report that there are more data for blocked packets than for accepted, and the deny rules are using the same log options as the accept rules.
You need to check "accounting" to see it all.
Andy
Hello the_rock
Sorry for the long time without reply, The folks that manage these firewalls are applying the accounting option. I will post here later if it worked.
No problem!
Leaderboard
Epsum factorial non deposit quid pro quo hic escorol.
| User | Count |
|---|---|
| 12 | |
| 5 | |
| 4 | |
| 3 | |
| 3 | |
| 2 | |
| 2 | |
| 1 | |
| 1 | |
| 1 |
Tue 14 Jul 2026 @ 10:00 AM (PDT)
AI Security Masters E11: READY OR NOT: Securing the AI Enterprise 3/5 - AI Workforce SecurityThu 30 Jul 2026 @ 10:00 AM (PDT)
AI Security Masters E12: READY OR NOT: Securing the AI Enterprise 4/5 - AI GatewayThu 20 Aug 2026 @ 10:00 AM (PDT)
AI Security Masters E13: READY OR NOT: Securing the AI Ent 5/5 - AI Research & Threat LandscapeTue 14 Jul 2026 @ 10:00 AM (PDT)
AI Security Masters E11: READY OR NOT: Securing the AI Enterprise 3/5 - AI Workforce SecurityThu 30 Jul 2026 @ 10:00 AM (PDT)
AI Security Masters E12: READY OR NOT: Securing the AI Enterprise 4/5 - AI GatewayThu 20 Aug 2026 @ 10:00 AM (PDT)
AI Security Masters E13: READY OR NOT: Securing the AI Ent 5/5 - AI Research & Threat LandscapeAbout CheckMates
Learn Check Point
Advanced Learning
YOU DESERVE THE BEST SECURITY