Could you share the commands or filters you are using?

The filters are same as you give on smartlog command would be 

For example to filter port 587

mgmt_cli show logs new-query.time-frame "today" new-query.filter "service:TCP_587 AND blade:Firewall"

Output in json

mgmt_cli show logs new-query.time-frame "today" new-query.filter "service:TCP_587 AND blade:Firewall" --format json > /tmp/test.json

 Then edit with jq or jq -r to get the desired output in csv

Or Directly convert those in csv using cplgv.exe from  C:\Program Files (x86)\CheckPoint\SmartConsole\R82\PROGRAM and select export option to choose log file name

or if you want to specifically select then

use fw log command for particular log file from $FWDIR/log and then fitler the traffic for Accept or Drop or use grep accordingly

What I want to do right now is extract data such as Time, Destination, Source User Name, Rule, Interface Direction, Policy Rule UID, Type, Interface, Source User DN, Machine Name, App Protocol, context_num, Policy Date, Service ID, Action, ID, Interface Name, Layer Name, Source Port, Product Family, Blade, Direction of Connection, lastupdatetime, Sequence Number, Source, Policy Name, id_generated_by_indexer, Database Tag, Log Server Origin, Service, connection_id, Origin, Marker, Destination Port, Protocol, High Level Log key, logid, sig_id, User, first, Policy Management, Destination Machine Name, and I want the values to be properly aligned in the corresponding columns when opened in Excel, just like when exporting from SmartView. Is that possible?

Then you should  use cplgv and export in csv

OR do that for every file then

fw log -l -n -p   /opt/CPsuite-R81.20/fw1/log/2025-09-03_000000.log  > /tmp/test.log

ChatGPT의 말:

Might be worth TAC case to confirm.

That seems small. For me, 'fwm logexport' usually goes from a 2 GB original file to about 35 GB of text. I wrote a post a while ago about how I deal with exported log data.

Gb range, sounds right.