There have been frequent articles at CheckMates over the years complaining that when a seemingly valid search of indexed logs is performed in the SmartConsole, no matching results are returned even though the text searched for is clearly present in the log card. The answer usually given in response is that the field in question was not "indexed" and therefore not searchable. While one could poke about in the /opt/CPrt-R81.10/log_indexer/conf/LogFields.xml to determine which fields are indexed (thanks to @Vladimir for posing a question privately while he was writing his recent book that led to that discovery), the syntax of this file did not exactly make for easy reading.
As a result I submitted a request awhile back for sk144192: Description of Fields in Check Point Logs to be updated reflecting which specific fields are indexed, and also in which version they became indexed if they were not always so. I'm pleased to report thanks to Sergei Shir that this update is now complete, which should make life a little easier for you frustrated log searchers out there:
| User | Count |
|---|---|
| 5 | |
| 5 | |
| 5 | |
| 4 | |
| 3 | |
| 3 | |
| 3 | |
| 2 | |
| 2 | |
| 1 |
Mon 25 Nov 2024 @ 02:00 PM (EST)
(Americas) AI Series Part 3: Maximizing AI to Drive Growth and EfficiencyTue 26 Nov 2024 @ 10:00 AM (CET)
EMEA Session: Automated Collaborative Prevention with 3rd Party Endpoint SolutionsTue 26 Nov 2024 @ 03:00 PM (CET)
Navigating NIS2: Practical Steps for Aligning Security and ComplianceTue 26 Nov 2024 @ 05:00 PM (CET)
Discover the Future of Cyber Security: What’s New in Check Point’s Quantum R82Tue 03 Dec 2024 @ 10:00 AM (GMT)
UK Community CNAPP Training Day 1: Cloud Risk Management WorkshopTue 03 Dec 2024 @ 05:00 PM (CET)
Americas CM Session: Automated Collaborative Prevention with 3rd Party Endpoint SolutionsMon 25 Nov 2024 @ 02:00 PM (EST)
(Americas) AI Series Part 3: Maximizing AI to Drive Growth and EfficiencyTue 26 Nov 2024 @ 10:00 AM (CET)
EMEA Session: Automated Collaborative Prevention with 3rd Party Endpoint SolutionsTue 26 Nov 2024 @ 03:00 PM (CET)
Navigating NIS2: Practical Steps for Aligning Security and ComplianceTue 26 Nov 2024 @ 05:00 PM (CET)
Discover the Future of Cyber Security: What’s New in Check Point’s Quantum R82Tue 03 Dec 2024 @ 05:00 PM (CET)
Americas CM Session: Automated Collaborative Prevention with 3rd Party Endpoint SolutionsTue 03 Dec 2024 @ 10:00 AM (GMT)
UK Community CNAPP Training Day 1: Cloud Risk Management WorkshopWed 04 Dec 2024 @ 10:00 AM (GMT)
UK Community CNAPP Training Day 2: Cloud Risk Management Workshop
.png "Wolfgang"){kind=avatar}
