This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
ABOUT CHECKMATES CYBER SECURITY COMMUNITY & FAQ
Create a Post
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Are you a member of CheckMates?

×
Sign in with your Check Point UserCenter/PartnerMap account to access more great content and get a chance to win some Apple AirPods! If you don't have an account, create one now for free!
ANTONIO_OPROMO1
Participant
‎2017-08-23 08:14 AM
Jump to solution

Is there a document that list all the possible values for the Action column that I can have in the log for every different Blade?

Hi, I'm exporting the Check Point logs to and external syslog server by the CPLogToSyslog tool, and may be helpful to have a document that list all the possible values for the different column that I've got in the Check Point log file, for the different Blades, in manner to know all possible messages that on the syslog server I can receive and create filters before to sent to it on the Check Point Management server R80.10.

Thanks.

0 Kudos
1 Solution

Accepted Solutions
Kfir_Dadosh
Collaborator
‎2017-08-23 11:08 AM
Jump to solution

Below is a list of the possible actions (ignore the numbers in []).

I don't have a mapping per blade, but we are looking into making thing more clear as part of the LogOut project.

Hope this will be of some help:

Drop [6,0]; Reject [1]; Accept [2]; Encrypt [3]; Decrypt [4]; Hold [5]; VPN Routing [7];

Key Install [16]; Authorize [17]; Deauthorize [18]; Xlatehide [19]; XlateSrc [20];

xlateDst [21]; XlatePort [22]; Log In [23,37]; Bypass [30]; Inspect [31]; Quarantine [32];

Block [33]; Detect [34]; Replace Malicious Code [35]; Flag [36]; Log Out [38];

Do not send [39]; Send [40]; Expired [41]; Prevent [42]; Allow [43]; Inform User [44];

Delete [45]; Ask User [46]; Review [47]; IP Changed [48]; Packet Tagging [49]; Redirect [50];

HTTPS Inspect [51]; HTTPS Bypass [52]; UC Block [53]; Update [54]; Failed Log In [57];

Remote Wipe [58]; Reset Passcode [59]; Forgot Passcode [60]; Extract [61];

Open Shell [62]; System Backup [63]; System Restore [64]; Run Script [65]; Inline [8]

View solution in original post

2 Replies
Kfir_Dadosh
Collaborator
‎2017-08-23 11:08 AM
Jump to solution

Below is a list of the possible actions (ignore the numbers in []).

I don't have a mapping per blade, but we are looking into making thing more clear as part of the LogOut project.

Hope this will be of some help:

Drop [6,0]; Reject [1]; Accept [2]; Encrypt [3]; Decrypt [4]; Hold [5]; VPN Routing [7];

Key Install [16]; Authorize [17]; Deauthorize [18]; Xlatehide [19]; XlateSrc [20];

xlateDst [21]; XlatePort [22]; Log In [23,37]; Bypass [30]; Inspect [31]; Quarantine [32];

Block [33]; Detect [34]; Replace Malicious Code [35]; Flag [36]; Log Out [38];

Do not send [39]; Send [40]; Expired [41]; Prevent [42]; Allow [43]; Inform User [44];

Delete [45]; Ask User [46]; Review [47]; IP Changed [48]; Packet Tagging [49]; Redirect [50];

HTTPS Inspect [51]; HTTPS Bypass [52]; UC Block [53]; Update [54]; Failed Log In [57];

Remote Wipe [58]; Reset Passcode [59]; Forgot Passcode [60]; Extract [61];

Open Shell [62]; System Backup [63]; System Restore [64]; Run Script [65]; Inline [8]

ANTONIO_OPROMO1
Participant
‎2017-08-24 12:00 AM
In response to Kfir_Dadosh
Jump to solution

Thanks Kfir for this summary list.

0 Kudos

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

View All ≫
Upcoming Events

    Sort by:
    CheckMates Events