1) No, no changes have been made.
2) Open Log Files has data for later dates. We think this is a cosmetic problem, but we don't know how to fix it.

Run "ls $FWDIR/log/" on your log server and check if you indeed have those log files.

Yes, these magazines are available. Because when we click on a file in "Open Log Files...", the logs from earlier months are opened.

If you have them in the log files you can open them with and see them in non-index mode. If you want to index them you can use the following sk:

https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=&solut...

But I recommend not to index all at once. Depending on the amount of logs you have this could put some strain on the log server.

Do I understand correctly that the indexing option can also be configured in Daly Logs Retention Configuration? Or is it recommended to work only with sk111766?
Could you describe in more detail the nature of the two settings in this window?
As I understood the first setting "Keep indexed logs for no longer than" answers the number of days for indexed logs. And the parameter "Keep log files for an extra" is responsible for the number of days that can be indexed? How would you recommend to configure these parameters, so that we can look through the logs for at least the last 2 months?

In the daily retention you can set how long to keep the logs and indexes but not re-index them.

We have the logs and we have the indexes. Normal search in the logs view will work only if you have indexes but if the log files still exist you can open them (but one at a time though) and they could still be re-indexed any time.

So you can keep the indexes for X days and that is the amount of day you can search in the logs view without opening the log files one at a time. The logs are stored for extra Y days, which mean you will have long retention of X+Y.

The amount of days that I can recommend could vary over some factors. I think that using the retention by disk space is fine, just make sure that 10% is above 10 GB or something else you're comfortable with.

There is a setting for SmartLog Daily Logs Retention Configuration found in SMS object > Logs > Storage that is set to:

Keep indexed logs for no longer than one day

Keep log files for an extra 3 days

We have these settings. Should we edit them? How would you recommend editing them?

That's up to you preferences on how long you want to keep the logs. If you want to keep them as long as you can you can keep the disk space management of deleting the oldest once getting below 10%, this also depends on the volume of your log partition.

We have files with old logs in "Open Log Files...", but they do not show up in a simple SmartConsole search. That is, we observe a cosmetic error that we cannot search logs older than 20 days. There is disk space (more than 60% of the logs memory is free) and the logs are not deleted. Maybe there is a way to fix the cosmetic log display problem?

Check what are your oldest indexes here on the log server with "ls $RTDIR/log_indexes/"