Create a Post
cancel
Showing results for 
Search instead for 
Did you mean: 
Highlighted
Contributor

Find the log file size from gateway

Hi All

We have 3 gateways (Gaia R77.30) in 3 different sites  and Management server in other  site,  all 4 sites have a MPLS connectivity, all 3 gateways are sending logs to management server.

Is there any way to find how much logs are send from  Each gateway to management server?.

appreciate your help.

4 Replies
Highlighted
Advisor

Hi,

Don't know about a way to find out from each gateway. You can run this command on your management server (R80.x) in expert mode to find log receive rate from each individual gateway at the moment:

cpstat mg -f log_server

If it's possible to stop two of the gateways from sending logs to managment and instead locally for a while. Then you can run this while you test for the remaining gateway How to calculate/count the total amount of FireWall Logs per second that arrive to Security Manageme...

After you have stopped two of the gateways from logging to management you could also have run the command fw logswitch to rotate the active log file and to see the size increase for the remaining gateway in fw.log.  

Hope you get a better solution. 

Highlighted
Employee+
Employee+

'cpstat mg -f log_server' should already show the results per gateway, no need to stop the other two gateways.

HTH

 Yonatan 

Highlighted
Explorer

Hi ,

 

How to check logs sent per gateway for R77.30 management. it is for R80 as per sk120341. 

We are going to configure new management as we will be migrating to a new VM having R80.20. need to understand  how much disk space should be provisioned for this. 

 

we have TB of logs space and it get filled in 3 days 😄

 

Thanks !!

 

0 Kudos
Highlighted
Employee+
Employee+

General answer

to sum entire Log Dir (on Mgmt/Log-Server):

  du -sh $FWDIR/log/

a specific day (Aug-26th - 2019)

  du -sh $FWDIR/log/2019-08-26*.log

(Add ~6% if you just count the .log, as it's simpler)

I'd calculate your log dir size of one day & choose storage accordingly.

 

for per GW on R77.x

Ed's suggestion or probably simpler:

Open SmartviewTracker > Pick a closed log-file (a representative avg one) > Filter by your chosen GW's origin > Count no. of logs.

Calculate the time-frame of this log-file: between the previous one's closing time & this one's closing time.

Extrapolate this GW's no. of logs to a full day and so on...

 

for per GW on R80.x onwards

You'll be able to easily use the cpstat mg/ls -f log_server/logging on your Mgmt/LS, as suggested already.

for a GW: cpstat fw -f log_connection

0 Kudos