This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
ABOUT CHECKMATES CYBER SECURITY COMMUNITY & FAQ
Create a Post
Help
cancel
Turn on suggestions
Showing results for 
Search instead for 
Did you mean: 

Are you a member of CheckMates?

×
Sign in with your Check Point UserCenter/PartnerMap account to access more great content and get a chance to win some Apple AirPods! If you don't have an account, create one now for free!
Shivajith_S
Contributor
‎2018-07-04 05:18 AM
Jump to solution

forward tracker logs

Hi Experts ,

Need advice on the following , I need to forward tracker logs to Syslog server but i am not able to find the syslog server to forward logs as shown below .

Is there any ways to do it to forward tracker logs....

Regards,

Shiva.

1 Solution

Accepted Solutions
_Val_
Admin
Admin
‎2018-07-04 05:49 AM
Jump to solution

The settings you are trying to use are to forward your Check Point logs periodically to another Check Point Log server. It will not work for a syslog server or a SIEM.

To set up log export to syslog from your central management log servers, please refer to sk122323

View solution in original post

0 Kudos
10 Replies
_Val_
Admin
Admin
‎2018-07-04 05:49 AM
Jump to solution

The settings you are trying to use are to forward your Check Point logs periodically to another Check Point Log server. It will not work for a syslog server or a SIEM.

To set up log export to syslog from your central management log servers, please refer to sk122323

0 Kudos
Shivajith_S
Contributor
‎2018-07-04 06:21 AM
In response to _Val_
Jump to solution

  • From sk122323 is it possible brief following bold points..   

R80.10

Install this release on a R80.10 Multi-Domain Server, Multi-Domain Log Server, Security Management Server, Log Server or SmartEvent Server.
Note: Log Exporter can be installed on top of R80.10 Jumbo Hotfix Take 56 and above.

**This hotfix must be installed after the Jumbo, and will need to be uninstalled to upgrade to a higher Jumbo take, and then reinstalled after the newer Jumbo is in place. 

  • May I Know installing the following hot fix help to achieve the target  Check_point_CPlogToSyslog_R80.1_GA_jhf_T42_fULL.tgz  ? 

0 Kudos
_Val_
Admin
Admin
‎2018-07-04 06:37 AM
In response to Shivajith_S
Jump to solution

You do not need this hotfix, if your Jumbo take is above 56 with R80.10. Otherwise, please open a support request to get it from TAC

0 Kudos
G_W_Albrecht
Legend Legend
Legend
‎2018-07-04 06:53 AM
In response to Shivajith_S
Jump to solution

I would rather go with sk122323 Log Exporter - Check Point Log Export and Check_Point_R80.10_Log_Exporter_T35_sk122323_FULL.tgz. sk115392 How to export Check Point logs to a Syslog server using CPLogToSyslog is the older tool (Check_Point_CPLogToSyslog_R80.10_GA_jhf_T56_FULL.tgz).

CCSP - CCSE / CCTE / CTPS / CCME / CCSM Elite / SMB Specialist
0 Kudos
_Val_
Admin
Admin
‎2018-07-04 07:36 AM
In response to G_W_Albrecht
Jump to solution

Hi Gunter, this was my original recommendation. Do I miss something?

0 Kudos
G_W_Albrecht
Legend Legend
Legend
‎2018-07-05 11:58 PM
In response to _Val_
Jump to solution

Yes, we did agree completely in our suggestions 😉 I did reply to the message from Shivajith S @ Valeri Loukine am 04.07.2018 15:21 more than to yours.

Als richtig markieren
Richtige Antwort

CCSP - CCSE / CCTE / CTPS / CCME / CCSM Elite / SMB Specialist
Shivajith_S
Contributor
‎2018-07-04 07:20 PM
In response to G_W_Albrecht
Jump to solution

Instead of going for CPLogToSyslog , Log Exporter-Check Point Log Export will help to achieve the target to forward the tracker log to syslog ?

May I know which version of Log Exporter need to install is it T35 which you mentioned, or how should I select the correct suitable version ?

0 Kudos
DeletedUser
Not applicable
‎2018-07-05 01:00 PM
In response to Shivajith_S
Jump to solution

As Valeri says in his initial reply Log Exporter doesn't forward the Tracker log file, but sets up a syslog feed of the log events to a syslog server. If this is what you want to achieve, then the answer is yes.

And yes T35 is the latest R80.10 version available. 

0 Kudos
Kaydo_Bramble
Explorer
‎2018-07-12 01:08 PM
In response to DeletedUser
Jump to solution

Can someone tell me if using Log Exporter to forward all logs from the management server, will I still be able to view my logs in Tracker AND on the syslog server?  Or will the logs now go directly to the syslog server and only be viewable from there?

0 Kudos
PhoneBoy
Admin
Admin
‎2018-07-13 02:19 AM
In response to Kaydo_Bramble
Jump to solution

Log Exporter sends the logs to the configured syslog server.

It does not remove the logs from the management, so they can be viewed in SmartLog or SmartView.

0 Kudos

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

View All ≫
Upcoming Events

    CheckMates Events
    Top