This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
ABOUT CHECKMATES CYBER SECURITY COMMUNITY & FAQ
Create a Post
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Are you a member of CheckMates?

×
Sign in with your Check Point UserCenter/PartnerMap account to access more great content and get a chance to win some Apple AirPods! If you don't have an account, create one now for free!
Qixing_Cao
Explorer
‎2019-11-07 09:43 PM

Trouble with Generating over 30 days' Checkup Report in Large Environment

Respected Community Experts

Hi. I have met some trouble in a recent Checkup event. In customer's environment, the log files size is near 1-2GB a day, the duration of Checkup is over 2 months, so we need a Checkup Report of 60 days. But we find that it is impossible to generate the report, because all data in the preview window shows "query failed" after a short time. Even that, when trying export the report by using a scheduled task, it shows "failed" a few minutes later.

The deployment method is Distributed (One 23800 gateway to receive monitor traffic, one VM SmartCenter for management and Logging). And VM SmartCenter has 24 cores, 24GB memory (The usage of the system resource is not high in usual as we observed, and disk space usage is about only 25%). The activated blades are Firewall (no track action), IPS, Anti-Bot, Anti-virus, Threat Emulation. 

Has anyone met similar situation like this? 

0 Kudos
1 Reply
Dilian_Chernev
Collaborator
‎2019-12-20 02:45 AM

I had a similar problem - All reports for more than 20 days failed with "query failed" message.
But setup was quite different - separate SmartEvent VM server and 10-15 GB logs per day (all FW rules are logged and all other blades also).
Enlarging the resources of VM from 4 ->8 cpu cores and 8 -> 16GB RAM solved the problem.

Suggestion : try with a separate SmartEvent server on a VM
0 Kudos

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

View All ≫
Upcoming Events

    Sort by:
    CheckMates Events