Are you a member of CheckMates?
×
Sign in with your Check Point UserCenter/PartnerMap account to access more great content and get a chance to win some Apple AirPods! If you don't have an account, create one now for free!
When the indexes are pruned by either the built-in 14 day limit or the one we specify manually, our ability to search the logs becomes limited. Can someone explain to me what are the search limitations for plain logs?
In the example below, the search for Facebook in current log [1] could be performed even with free form search, but to illustrate the differences, I am doing it using field:parameter format.
In [2], same search yields no results.
In [3], we can see that [2] really should've returned the logs.
Unless I am missing something.
Please let me know
