Create a Post
cancel
Showing results for 
Search instead for 
Did you mean: 
Shivajith_S
Contributor
Jump to solution

forward tracker logs

Hi Experts ,

Need advice on the following , I need to forward tracker logs to Syslog server but i am not able to find the syslog server to forward logs as shown below .

Is there any ways to do it to forward tracker logs....

Regards,

Shiva.

1 Solution

Accepted Solutions
_Val_
Admin
Admin

The settings you are trying to use are to forward your Check Point logs periodically to another Check Point Log server. It will not work for a syslog server or a SIEM.

To set up log export to syslog from your central management log servers, please refer to sk122323

View solution in original post

0 Kudos
10 Replies
_Val_
Admin
Admin

The settings you are trying to use are to forward your Check Point logs periodically to another Check Point Log server. It will not work for a syslog server or a SIEM.

To set up log export to syslog from your central management log servers, please refer to sk122323

0 Kudos
Shivajith_S
Contributor
  • From sk122323 is it possible brief following bold points..   

R80.10

Install this release on a R80.10 Multi-Domain Server, Multi-Domain Log Server, Security Management Server, Log Server or SmartEvent Server.
Note: Log Exporter can be installed on top of R80.10 Jumbo Hotfix Take 56 and above.

**This hotfix must be installed after the Jumbo, and will need to be uninstalled to upgrade to a higher Jumbo take, and then reinstalled after the newer Jumbo is in place. 

  • May I Know installing the following hot fix help to achieve the target  Check_point_CPlogToSyslog_R80.1_GA_jhf_T42_fULL.tgz  ? 

0 Kudos
_Val_
Admin
Admin

You do not need this hotfix, if your Jumbo take is above 56 with R80.10. Otherwise, please open a support request to get it from TAC

0 Kudos
G_W_Albrecht
Legend Legend
Legend

I would rather go with sk122323 Log Exporter - Check Point Log Export and Check_Point_R80.10_Log_Exporter_T35_sk122323_FULL.tgz. sk115392 How to export Check Point logs to a Syslog server using CPLogToSyslog is the older tool (Check_Point_CPLogToSyslog_R80.10_GA_jhf_T56_FULL.tgz).

CCSP - CCSE / CCTE / CTPS / CCME / CCSM Elite / SMB Specialist
0 Kudos
_Val_
Admin
Admin

Hi Gunter, this was my original recommendation. Do I miss something?

0 Kudos
G_W_Albrecht
Legend Legend
Legend

Yes, we did agree completely in our suggestions 😉 I did reply to the message from Shivajith S @ Valeri Loukine am 04.07.2018 15:21 more than to yours.

Als richtig markieren
Richtige Antwort

CCSP - CCSE / CCTE / CTPS / CCME / CCSM Elite / SMB Specialist
Shivajith_S
Contributor

Instead of going for CPLogToSyslog , Log Exporter-Check Point Log Export will help to achieve the target to forward the tracker log to syslog ?

May I know which version of Log Exporter need to install is it T35 which you mentioned, or how should I select the correct suitable version ?

0 Kudos
DeletedUser
Not applicable

As Valeri says in his initial reply Log Exporter doesn't forward the Tracker log file, but sets up a syslog feed of the log events to a syslog server. If this is what you want to achieve, then the answer is yes.

And yes T35 is the latest R80.10 version available. 

0 Kudos
Kaydo_Bramble
Explorer

Can someone tell me if using Log Exporter to forward all logs from the management server, will I still be able to view my logs in Tracker AND on the syslog server?  Or will the logs now go directly to the syslog server and only be viewable from there?

0 Kudos
PhoneBoy
Admin
Admin

Log Exporter sends the logs to the configured syslog server.

It does not remove the logs from the management, so they can be viewed in SmartLog or SmartView.

0 Kudos

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

Upcoming Events

    CheckMates Events