Create a Post
cancel
Showing results for 
Search instead for 
Did you mean: 
ANTONIO_OPROMO1
Participant
Jump to solution

Is there a document that list all the possible values for the Action column that I can have in the log for every different Blade?

Hi, I'm exporting the Check Point logs to and external syslog server by the CPLogToSyslog tool, and may be helpful to have a document that list all the possible values for the different column that I've got in the Check Point log file, for the different Blades, in manner to know all possible messages that on the syslog server I can receive and create filters before to sent to it on the Check Point Management server R80.10.

Thanks.

0 Kudos
1 Solution

Accepted Solutions
Kfir_Dadosh
Collaborator

Below is a list of the possible actions (ignore the numbers in []).

I don't have a mapping per blade, but we are looking into making thing more clear as part of the LogOut project.

Hope this will be of some help:

Drop [6,0]; Reject [1]; Accept [2]; Encrypt [3]; Decrypt [4]; Hold [5]; VPN Routing [7];

Key Install [16]; Authorize [17]; Deauthorize [18]; Xlatehide [19]; XlateSrc [20];

xlateDst [21]; XlatePort [22]; Log In [23,37]; Bypass [30]; Inspect [31]; Quarantine [32];

Block [33]; Detect [34]; Replace Malicious Code [35]; Flag [36]; Log Out [38];

Do not send [39]; Send [40]; Expired [41]; Prevent [42]; Allow [43]; Inform User [44];

Delete [45]; Ask User [46]; Review [47]; IP Changed [48]; Packet Tagging [49]; Redirect [50];

HTTPS Inspect [51]; HTTPS Bypass [52]; UC Block [53]; Update [54]; Failed Log In [57];

Remote Wipe [58]; Reset Passcode [59]; Forgot Passcode [60]; Extract [61];

Open Shell [62]; System Backup [63]; System Restore [64]; Run Script [65]; Inline [8]

View solution in original post

2 Replies
Kfir_Dadosh
Collaborator

Below is a list of the possible actions (ignore the numbers in []).

I don't have a mapping per blade, but we are looking into making thing more clear as part of the LogOut project.

Hope this will be of some help:

Drop [6,0]; Reject [1]; Accept [2]; Encrypt [3]; Decrypt [4]; Hold [5]; VPN Routing [7];

Key Install [16]; Authorize [17]; Deauthorize [18]; Xlatehide [19]; XlateSrc [20];

xlateDst [21]; XlatePort [22]; Log In [23,37]; Bypass [30]; Inspect [31]; Quarantine [32];

Block [33]; Detect [34]; Replace Malicious Code [35]; Flag [36]; Log Out [38];

Do not send [39]; Send [40]; Expired [41]; Prevent [42]; Allow [43]; Inform User [44];

Delete [45]; Ask User [46]; Review [47]; IP Changed [48]; Packet Tagging [49]; Redirect [50];

HTTPS Inspect [51]; HTTPS Bypass [52]; UC Block [53]; Update [54]; Failed Log In [57];

Remote Wipe [58]; Reset Passcode [59]; Forgot Passcode [60]; Extract [61];

Open Shell [62]; System Backup [63]; System Restore [64]; Run Script [65]; Inline [8]

ANTONIO_OPROMO1
Participant

Thanks Kfir for this summary list.

0 Kudos

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

Upcoming Events

    CheckMates Events