
how to forward firewall log to 3rd party syslog server

Hi.

I'd like to forward firewall logs to a 3rd party syslog server.

But I only get the following.

Mar  5 10:15:12 192.168.90.8 CP-GW
Mar  5 10:15:12 192.168.90.8 CP-GW
Mar  5 10:15:12 192.168.90.8 CP-GW
Mar  5 10:15:12 192.168.90.8 CP-GW

Probably I need to change something in rsyslog.conf.

Does anybody know how to fix it?

0 Kudos
6 Replies
Admin

Re: how to forward firewall log to 3rd party syslog server

The best way to do this at the moment is using the CpLogToSyslog tool: How to export Check Point logs to a Syslog server using CPLogToSyslog 

In the near future, a different tool will be available for this.

0 Kudos

Re: how to forward firewall log to 3rd party syslog server

I found an issue: CPlog2Syslog port 18184 crash, and I am waiting for TAC to provide a new tool.

Hope the new tool can solve my issue.

0 Kudos
Roi_Elbaz
Ivory

Re: how to forward firewall log to 3rd party syslog server

I'm waiting too ....

0 Kudos

Re: how to forward firewall log to 3rd party syslog server

The new tool works in my lab. I'll deploy it in production next week.

0 Kudos

Re: how to forward firewall log to 3rd party syslog server

We could solve this problem :)

Our rsyslog.conf is as follows.

$template RawMsgOutputFormat, "%TIMESTAMP% %HOSTNAME% %rawmsg%\n"

:fromhost-ip,isequal,"IP-ADDR" -/var/log/fw/fw.log;RawMsgOutputFormat

Hope this helps someone.
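
To see what the %rawmsg% property in the template above will write, it helps to look at the datagrams exactly as they arrive from the gateway, before rsyslog parses them. The listener below is an added example, not part of the original posts or any Check Point tool; port 5514, the function names and the sample payload in the comment are assumptions made for illustration.

```python
import socket

def decode_pri(datagram: bytes):
    """Split a syslog datagram into (facility, severity, rest).

    Returns (None, None, datagram) when there is no valid <PRI> header,
    which is itself a hint that the sender is not emitting standard syslog.
    """
    if datagram.startswith(b"<"):
        end = datagram.find(b">", 1, 5)          # PRI is at most 3 digits
        if end != -1 and datagram[1:end].isdigit():
            pri = int(datagram[1:end])
            if pri <= 191:                        # 23 facilities * 8 + 7
                return pri >> 3, pri & 7, datagram[end + 1:]
    return None, None, datagram

def listen(host="0.0.0.0", port=5514):
    """Bind a UDP socket; use an unprivileged port so no root is needed."""
    sock = socket.socket(socket.AF_INET, socket.SOCK_DGRAM)
    sock.bind((host, port))
    return sock

def capture(sock, count=1):
    """Receive `count` datagrams and return them with the PRI decoded."""
    records = []
    for _ in range(count):
        data, (src, _port) = sock.recvfrom(65535)
        facility, severity, rest = decode_pri(data)
        records.append({
            "src": src,
            "facility": facility,
            "severity": severity,
            "raw": data,                          # what %rawmsg% would log
            "body": rest.decode("utf-8", "replace"),
        })
    return records

if __name__ == "__main__":
    # Point the sender at this host and port temporarily, then compare the
    # output with what rsyslog writes using its default file template.
    # Constructed sample input: b'<134>CP-GW Action="accept" src=10.0.0.1'
    s = listen()
    while True:
        for rec in capture(s):
            print(rec["src"], rec["facility"], rec["severity"], rec["raw"])
```

If the raw datagram carries the full log text but the rsyslog output file does not, the loss is in the receiver's parsing or template rather than on the sending side.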

Employee+

Re: how to forward firewall log to 3rd party syslog server

Hello,

 

A new log exporting tool has been released. This tool will be replacing CPLogToSyslog.

You can find all relevant details in Logs Exporter - Check Point Logs Export.

 

It can work on any port in either TCP or UDP.

Regards,

 Yonatan 

0 Kudos