Create a Post
cancel
Showing results for 
Search instead for 
Did you mean: 
fabiofabio
Collaborator

cp_log_export destination folder

Hello,
I've seen many posts about this command but none of them specifically say where to find the destination path of the files, so I thought I'd create this discussion for people like me who can't figured it out.

my command is:

cp_log_export add name TEST target-server ******* target-port ** protocol tcp format cef encrypted true ca-cert /opt/CPrt-R80.40/log_exporter/test/ca.pem client-cert /opt/CPrt-R80.40/log_exporter/test/cp_client.p12 client-secret *****

 

i know after starting the service he create the target folder, but where is the destination files conf?

thanks a lot

0 Kudos
5 Replies
fabiofabio
Collaborator

i think i have some kind of problem with the certificates:

TcpTlsSender::MakeConnection: create new fwCert to CA succeeded

TcpTlsSender::MakeConnection: create ckpSSLparams_New succeeded

TcpTlsSender::MakeConnection: ckpSSL_Connect failed error: unknown

 

anyone have some ideas?

I had created the .pem and .p12 files from the target server and then transferred to the directory named in the command

0 Kudos
PhoneBoy
Admin
Admin

cp_log_export does not export logs to the local system at all.
It only sends them to the log server you're configuring. 
This might help for the problem you're having, though: https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=&solut... 

fabiofabio
Collaborator

i'm not trying to send the logs to the local system at all.

anyway, iv tried to follow the sk179757 you provided but in the capture there isn't the "Unknown CA"

Cattdfgfhgjhura.PNG

0 Kudos
PhoneBoy
Admin
Admin

I recommend getting the TAC involved here.

0 Kudos
fabiofabio
Collaborator

sorry, it's been a while because I was waiting to be given the certificates of the server in production. Now the certificates seem to work, I probably did something wrong creating them.
now i have the problem with the error:

SyslogTCPSender::connect: Failed to initialize socket (*.*.*.*:port)
TcpTlsSender::connect: Failed to create socket.

there is almost nothing on the internet, an sk and a discussion but they don't help... I open a TAC.

thanks anyway for the support!

0 Kudos

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

Upcoming Events

    CheckMates Events