Create a Post
cancel
Showing results for 
Search instead for 
Did you mean: 
israelsc
Contributor
Jump to solution

Empty CSV files with SmartLog

Hi everyone!

I have a question about SmartLog.

I am trying to export logs in CSV format. When the query results appear as Type "log", the CSV files show data, but when the event type is "Correlated" logs, the exported CSV are empty and does not show data.

Any suggestions or something that I should be reviewing?
Regards!

0 Kudos
1 Solution

Accepted Solutions
PhoneBoy
Admin
Admin

If you want to do it in SmartView, you need to upgrade.
Otherwise, you'll have to parse the output of fw log and generate whatever format you're after.
If you upgrade to R80.40 with a recent JHF, you can do something like this, which I believe with a small modification will generate a CSV file: https://community.checkpoint.com/t5/API-CLI-Discussion/Using-Logs-API-to-see-Endpoint-VPN-Client-ver...

 

View solution in original post

0 Kudos
7 Replies
PhoneBoy
Admin
Admin

What version/JHF level?
And are you doing this in SmartConsole or SmartView?

0 Kudos
israelsc
Contributor

Version: R80.10 / hotfix take 278

 and I'm try it with SmartConsole

0 Kudos
PhoneBoy
Admin
Admin

First of all, R80.10 is very close to End of Support and you should upgrade ASAP.
Second, you will get far better results exporting CSV from SmartView: https://mgmt-ip/smartview  
SmartView in R80.10 is not as full featured, but it is much better in updated versions.
In SmartConsole, you will only get log entries that are visible when exporting via CSV, regardless of version.

0 Kudos
israelsc
Contributor

Hello

We successfully export logs with SmartView and display the information.
However, we need to know specifically, the number of users that use Enpoint Security Client in its version E84 onwards.
Is there a way to add an extra column to add the "Product version" in the log query on SmartView?

Regards!

0 Kudos
PhoneBoy
Admin
Admin

Not in R80.10.
You might also try this alternative that doesn’t use SmartView at all: https://community.checkpoint.com/t5/Scripts/Endpoint-Versions-ONELINER/m-p/106988#M737

0 Kudos
israelsc
Contributor

I tried to make the query by terminal, however, original requirement of our client is to generate a report or export it in a CSV file. The report that is needed should show the Endpoint Security Client versions of the end users.

is there any way to export the output of the command "fw log" to CSV format or some alternative with Smartview?

0 Kudos
PhoneBoy
Admin
Admin

If you want to do it in SmartView, you need to upgrade.
Otherwise, you'll have to parse the output of fw log and generate whatever format you're after.
If you upgrade to R80.40 with a recent JHF, you can do something like this, which I believe with a small modification will generate a CSV file: https://community.checkpoint.com/t5/API-CLI-Discussion/Using-Logs-API-to-see-Endpoint-VPN-Client-ver...

 

0 Kudos

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

Upcoming Events

    CheckMates Events