cancel
Showing results for 
Search instead for 
Did you mean: 
Create a Post
Shivajith_S
Nickel

forward tracker logs

Jump to solution

Hi Experts ,

Need advice on the following , I need to forward tracker logs to Syslog server but i am not able to find the syslog server to forward logs as shown below .

Is there any ways to do it to forward tracker logs....

Regards,

Shiva.

1 Solution

Accepted Solutions

Re: forward tracker logs

Jump to solution

The settings you are trying to use are to forward your Check Point logs periodically to another Check Point Log server. It will not work for a syslog server or a SIEM.

To set up log export to syslog from your central management log servers, please refer to sk122323

View solution in original post

0 Kudos
10 Replies

Re: forward tracker logs

Jump to solution

The settings you are trying to use are to forward your Check Point logs periodically to another Check Point Log server. It will not work for a syslog server or a SIEM.

To set up log export to syslog from your central management log servers, please refer to sk122323

View solution in original post

0 Kudos
Shivajith_S
Nickel

Re: forward tracker logs

Jump to solution
  • From sk122323 is it possible brief following bold points..   

R80.10

Install this release on a R80.10 Multi-Domain Server, Multi-Domain Log Server, Security Management Server, Log Server or SmartEvent Server.
Note: Log Exporter can be installed on top of R80.10 Jumbo Hotfix Take 56 and above.

**This hotfix must be installed after the Jumbo, and will need to be uninstalled to upgrade to a higher Jumbo take, and then reinstalled after the newer Jumbo is in place. 

  • May I Know installing the following hot fix help to achieve the target  Check_point_CPlogToSyslog_R80.1_GA_jhf_T42_fULL.tgz  ? 

0 Kudos

Re: forward tracker logs

Jump to solution

You do not need this hotfix, if your Jumbo take is above 56 with R80.10. Otherwise, please open a support request to get it from TAC

0 Kudos

Re: forward tracker logs

Jump to solution

I would rather go with sk122323 Log Exporter - Check Point Log Export and Check_Point_R80.10_Log_Exporter_T35_sk122323_FULL.tgz. sk115392 How to export Check Point logs to a Syslog server using CPLogToSyslog is the older tool (Check_Point_CPLogToSyslog_R80.10_GA_jhf_T56_FULL.tgz).

0 Kudos

Re: forward tracker logs

Jump to solution

Hi Gunter, this was my original recommendation. Do I miss something?

0 Kudos

Re: forward tracker logs

Jump to solution

Yes, we did agree completely in our suggestions 😉 I did reply to the message from Shivajith S @ Valeri Loukine am 04.07.2018 15:21 more than to yours.

Als richtig markieren
Richtige Antwort

Shivajith_S
Nickel

Re: forward tracker logs

Jump to solution

Instead of going for CPLogToSyslog , Log Exporter-Check Point Log Export will help to achieve the target to forward the tracker log to syslog ?

May I know which version of Log Exporter need to install is it T35 which you mentioned, or how should I select the correct suitable version ?

0 Kudos

Re: forward tracker logs

Jump to solution

As Valeri says in his initial reply Log Exporter doesn't forward the Tracker log file, but sets up a syslog feed of the log events to a syslog server. If this is what you want to achieve, then the answer is yes.

And yes T35 is the latest R80.10 version available. 

0 Kudos

Re: forward tracker logs

Jump to solution

Can someone tell me if using Log Exporter to forward all logs from the management server, will I still be able to view my logs in Tracker AND on the syslog server?  Or will the logs now go directly to the syslog server and only be viewable from there?

0 Kudos
Admin
Admin

Re: forward tracker logs

Jump to solution

Log Exporter sends the logs to the configured syslog server.

It does not remove the logs from the management, so they can be viewed in SmartLog or SmartView.

0 Kudos