Create a Post
cancel
Showing results for 
Search instead for 
Did you mean: 
Matlu
Advisor

Question about SmartView service in SMS

Hi, everyone.

A doubt, the "service" of SmartView, which is usually used from Checkpoint, I understand that to open it independently in a browser, I need to point to the "https://IP_Gestion_MGMT/Smartview , is correct????

For this to work, the SMS must have the "SmartEvent Server" and "SmartEvent Correlation"???? blades.

Greetings.

0 Kudos
20 Replies
G_W_Albrecht
Legend Legend
Legend

Why always have so much doubts, i would just ask my questions instead 😉

First question: Yes. https://<SMS IP>/smartview should do the trick.

Second question: No. SmartView Web Application is available even without SmartEvent Software Blade, but the default page is different. See https://sc1.checkpoint.com/documents/R81.10/WebAdminGuides/EN/CP_R81.10_LoggingAndMonitoring_AdminGu...

CCSP - CCSE / CCTE / CTPS / CCME / CCSM Elite / SMB Specialist
0 Kudos
Matlu
Advisor

Thank you for your response.

My doubts are due to the fact that currently, when I try to access the Smartview, as you send the syntax in your answer, the browser, stays "thinking" and does not finish loading the SmartView page.

However, in my SMS I have hooked a dedicated SmartEvent, and in this device for example, I can access its "SmartView".

Regards.

0 Kudos
the_rock
Legend
Legend

Hey bro,

As Guenter said, you do NOT need smart event blades enabled to access smartview page. Btw, from my experience, most people use smartview option in S1C (Smart-1 cloud), not so much when using on-prem mgmt server. Also, what you could do is create dedicated smartevent server, just use same iso image as mgmt and when going through first time wizard, there is a point where you have to select management and at the bottom, make sure to select ONLY log server, thats it.

Hope that helps.

Andy

0 Kudos
G_W_Albrecht
Legend Legend
Legend

Could be this: https://community.checkpoint.com/t5/Management/smartview-server-certificate-is-invalid-after-enable/...

CCSP - CCSE / CCTE / CTPS / CCME / CCSM Elite / SMB Specialist
0 Kudos
AkosBakos
Leader Leader
Leader

Hi Matlu,

To figure out thet the packet arrives to the SMS,  run a #tcpdump on the server. If arrives the try the following

  • clear your browser cache
  • try it in incognito mode
  • perform a #reboot, or a#cpstop;cpstart before you involve the TAC

They always ask you to reboot it first.

Otherwise, how much is your uptime? Which version is running?

Large uptime means (180+) the SMS is not patched regularly 🙂

BR

Akos

----------------
\m/_(>_<)_\m/
the_rock
Legend
Legend

All great points @AkosBakos 

0 Kudos
PhoneBoy
Admin
Admin

You run SmartView on your log or SmartEvent server.
While SmartView won't have SmartEvent functionality without the appropriate license, it should still let you view your traffic and audit logs.

0 Kudos
Amir_Senn
Employee
Employee

Allow me to elaborate.

The "SmartView" you access with the browser is not the SmartView application that is part of SmartEvent solution.

The "SmartView" you access with the browser is simply web based logs view. It acts the same as the regular logs viewer except the the logs view are different than SmartConsoles logs views. It was developed by SmartView team at the time as part of a web based solution for SmartView.

In general, SmartView is one of SmartEvent server applications and it index non-connection logs to display in views and reports. This won't be available on both SmartConsole and the web logs viewer if you don't have SmartEvent server. The only thing you'll see in the catalog (or "new tab") will be logs view and audit log view.

Kind regards, Amir Senn
0 Kudos
Matlu
Advisor

Hello,

Thank you for your reply.

This is the message that usually appears to me after a long time waiting for the SmartView web page of our SMS.

SV1.png

SV2.png

This is the way, as we tried to access the SmartView, of the SMS.

https://10.7.15.160/smartview/

The opposite happens, when I "point" to the SmartView of the SmartEvent we have, in this case, if it opens the web page.

Greetings.

0 Kudos
the_rock
Legend
Legend

Make sure there is no proxy configured that would interfere, unless there is supposed to be one. Does regular Gaia work?

Andy

0 Kudos
Matlu
Advisor

I don't have any PROXY active now on my PC.

The GAIA PORTAL is working normally.

The only problem is with the SmartView "service", which should be working in the SMS, but it is not.

I tried in incognito mode, and it doesn't open the SmartView either.
I have not yet restarted the SMS, because of the client's decision, and fear of some service "affectation".

Cheers. 🙂

0 Kudos
Tal_Paz-Fridman
Employee
Employee

Hi - a couple of questions:

Is it a Security Management Server machine or a Standalone machine?

If it's a Security Management Server do you also have Endpoint Policy Management active?

0 Kudos
Matlu
Advisor

Hello.

The following images may answer your questions.

It is a dedicated SMS (Smart-1)

SV4.pngSV3.png

Thank you for your comments and help. 🙂

0 Kudos
Tal_Paz-Fridman
Employee
Employee

Could you also try connecting from a different machine and browser?

0 Kudos
Matlu
Advisor

Hello,

I have tried it from other PCs, and also from our "Remote Access VPN" connection, and we have no positive results either.

Really, it is something strange.
I guess that the SmartView "service" of the SMS itself, should be able to work.

Regards.

0 Kudos
the_rock
Legend
Legend

Hey bro,

Something to confirm..

https://support.checkpoint.com/results/sk/sk167653

 

0 Kudos
the_rock
Legend
Legend

This is my lab and looks the same config, smartview works fine...

Screenshot_1.png

0 Kudos
Matlu
Advisor

Thanks, bro.

I have checked the SK, but in my case, if I get the list of correct IPs for the administration.

It seems to me that the SMS "reset" is an option that I will have to tell the client that we should apply.

I have noticed that the SmartConsole of R81.10, gives me too many problems (every now and then, "the SMC hangs"), I do not know if this is normal, and it is also related to the fact that it does not let me see the SmartView of the SMS.

These are ideas that cross my mind.

Greetings.

0 Kudos
the_rock
Legend
Legend

Have you tried cpstop; cpstart or reboot bro?

Andy

0 Kudos
Matlu
Advisor

It is a pending test.

I am still waiting for confirmation from my client.
He is afraid of a possible service disruption.

Maybe this is one of the last tests to be done, before sending the case to CT, since everything seems to be fine.

Cheers.

0 Kudos

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

Upcoming Events

    CheckMates Events