cancel
Showing results for 
Search instead for 
Did you mean: 
Post a Question
Michael_Horne
Michael_Horne inside Logging and Reporting 48 seconds ago
views 309 5

R80.20: Administrators cannot log into Web Smartview GUI

Hello,I have a management server running R80.20.Some administrators can log into the Smartview Web GUI, while some of them can. The affected administrators can log into the Smart Console. The can access the Log and Monitoring section and can query and view logs using SmartConsole. The same user is not able to connect to the SmartView Web GUI. The message "Invalid username and password"When you look at the active sessions in the SmartConsole you can see the user has a "SmartView" session.I have recreated the affected administrators.I have restarted the management server.Does anyone have any ideas?
Dan_Zada
inside Logging and Reporting 5m ago
views 508 13 4
Employee+

Log Exporter Filtering

Hello all,I'm happy to inform you that we added a new feature to the log exporter - the ability to filter logs.Starting today, you will be able to configure which logs will exported, based on fields and values, including complex statements.More information, including basic and advanced filtering instructions, can be found in SK122323.If you have any question or comment, let me know.Thanks!Dan.
S_E_
S_E_ inside Logging and Reporting 49m ago
views 13 1

SmartView web application delay

Hi,just looking at the feature SmartView web. Logs are visible and the search itself seems to be faster than SmartConsole. But I can't confirm the statement from the docu:It has the same real-time event monitoring and analysis views as SmartConsole.We could see a massive delay.Indexing is on.SMS R80.20 HF10Is this a feature or misconfiguration? Regards
Scott_Paisley
Scott_Paisley inside Logging and Reporting yesterday
views 26 1

Searching logs via description field

We enabled blocking traffic coming from known malicious IP addresses on our R77.30 gateways following sk103154which saysTo monitor the blocked IP addresses:In SmartView Tracker, search for "SecureXL message: Quota violation".That worked when the Tracker was R77, but in R80.20 when I search for that string I get zero results.Anyone else got it working?
Sergei_M
Sergei_M inside Logging and Reporting Tuesday
views 27

Log Exporter Reexport

For the purpose of restoration of logs after accidents we tried to apply command cp_log_export reexport. In practice unloading of logs was executed in the period of last 4 hours that did not suit us. Whether there is an opportunity to unload the logs fora longer period? How to make it?
sajin
sajin inside Logging and Reporting Monday
views 198 4

Smart Event not showing Accepted Log

Smart Event not showing Accepted and the Clean up rule is ANY ANY ALLOW. In the Event when i select the policy package in the filter, the ACCEPT logs shows 0. I changed the Log to Detailed and Extended and after the Accept log was available but when expanding the logs again it shows only DETECT logs.Please any one help on this issue.

CheckPoint SmartView Browser R80.30 Automatic text translation!

Hello.I noticed that General Overview is automatically translated into Russian after a certain period of time. How is this possible? R80.30, OS Win 7
Ugur_Urel
Ugur_Urel inside Logging and Reporting Saturday
views 150 2

User web activity application detection

Hi all,In the "Application and URL Filtering" report of the Smart Event, in the "high bandwidth user" view, for some users we see applications like "HTTP/2 over TLS" and "SSL Protocol". Beside these applications we can also see applications like youtube, facebook etc. (I have attached a picture from an example report)What we want to understand is what kind of access generates these traffics? ("HTTP/2 over TLS" and "SSL Protocol"). These applications seems like protocols, not applications, so in stead of these shouldn't we need to see the real application/site?

750 APPLIANCE REPORT l shows wrong

Dear Support, i have 750 appliances check point model when we chose the monthly reportsits shows the wrong data how can we resolve.
Shiran_wang
Shiran_wang inside Logging and Reporting Friday
views 102 2

5200 standaloe HA SmartEvent gray

5200 device upgrade to R80.10, after upgrade i found i can't enable SmartEvent due to this icon is gray,i checked official document, this document mention 5400 model can not be enable SmartEvent but no 5200 modelwhat should i do to enable SmartEvent blade?
Beverley_Cudd
Beverley_Cudd inside Logging and Reporting Friday
views 254 3

Smartview Monitor stops running

We are running Smartview monitor on R80.10 and it seems to go down without reason.I have already had to restart it on our external cluster but today have tried to use is on all 4 firewalls and all 4 are showing down.I have rerun the command rtmstop && rtmstartto stop and restart it on one of them which brought it back to life.Question is why does it keep going down.
George_Dumitru
George_Dumitru inside Logging and Reporting a week ago
views 38

R80.10 Log Exporter logs

Hello,I've configured the Log Exporter T51 in order to send logs to ArcSight and afterwards I've noticed a continuous daily increase in used disk space on the root partition.I've found the log_indexer.elg.* files (each 20 MB in size) in /opt/CPrt-R80/log_exporter/targets/<name>/log/log_indexer.elg.*Is there an automatic purge mechanism in place for these log files? Are old ones going to be removed?Thanks,George
Adiel_Ashrov
inside Logging and Reporting a week ago
views 3215 2 2
Employee

How to exclude the SmartEvent object from the SSL Inspection group

Hello All,I'm reviewing sk112814 which explains how to overcome the the following error."SmartView server certificate is invalid" error when opening a new tab in the R80 SmartConsole "logs & monitor" In the solution steps it is said that one should exclude the SmartEvent object from the SSL inspection group, but I haven't found straight forward instructions on how to perform this step online.Any assist with screen shots will be much appreciated.Regards,AdielKobi Eisenkraft‌
Valeri_Loukine
inside Logging and Reporting a week ago
views 157 1
Admin

White Paper - SMS and EPM log integration using SmartLog

Author Derek O'Flynn @Derek_OFlynn Abstract: For customers that are utilizing a SMS for gateways and SmartLog/SmartEvent integration adding Endpoint requires connecting to multiple consoles to view and respond to log data. This paper allows configuration of the primary SMS to read logs from EPM for less complexity. Information below references sk35288 (Step1) but this paper focuses on EPM integration specifically.
Baasanjargal_Ts
Baasanjargal_Ts inside Logging and Reporting a week ago
views 180 1

Generate report from command line

Is this possible to generate reports from the command line when deployed Standalone installation on CP5400 device.