Create a Post
cancel
Showing results for 
Search instead for 
Did you mean: 
nesa0210
Explorer

Traffic logs ports

Hello,

 

I am trying to find a way to search by destination port (TCP, UDP, ICMP...) in the infinity portal (Harmony Connect). Internet&Network Access ->Traffic logs. Is there a guide explaining what fields can we use for predefined search filters: Source, Destination, Service...?

I am looking to search for TCP 8883 for example. 

 

Thanks,

Nenad

 

 

5 Replies
PhoneBoy
Admin
Admin

You should just be able to search for 8883 and get anything that mentions it (either source or destination port most likely).
I presume if you want to search on the service field (where TCP 8883 would appear), you can do a service:8883 as the search term.
See also (syntax should be the same in Infinity Portal): https://sc1.checkpoint.com/documents/R81.20/WebAdminGuides/EN/CP_R81.20_LoggingAndMonitoring_AdminGu...

the_rock
Legend
Legend

That would be syntax port:8883

nesa0210
Explorer

None of these work for me (searching using Service or Port). Maybe the issue is that when I find traffic (using the source and destination IP) I see "tcp-high-ports" as a service. Why not displaying exact port number?

 

PhoneBoy
Admin
Admin

Presumably because this is the service the port is matching.
It should show in the log card if you click on the entry.

Andrey_Kondor_1
Explorer

Hi! There is no port number for service in the log card. It shows only in Dashboard, not in SmartVew web console.

Upcoming Events

    CheckMates Events