Are you a member of CheckMates?
×
Sign in with your Check Point UserCenter/PartnerMap account to access more great content and get a chance to win some Apple AirPods! If you don't have an account, create one now for free!
The amount of storage you have is a function of the size of your /var/log partition on your appliance/VM.
[Expert@Mgmt:0]# df
Filesystem 1K-blocks Used Available Use% Mounted on
/dev/mapper/vg_splat-lv_current 31995824 20655304 9715228 69% /
/dev/sda1 295561 37378 242923 14% /boot
tmpfs 8151708 4 8151704 1% /dev/shm
/dev/mapper/vg_splat-lv_log 182833140 80374712 93021244 47% /var/log
Log retention period is a function of disk space, not necessarily time (though you can age log indexes based on # of days).
Logs can be rotated on either a size basis (up to 2GB) or time basis (note in R80.x this happens at midnight daily).
Both are configured here:
Logs are stored in $FWDIR/log on Management or Log server (depending on your configuration) and can be transferred to another system with standard Linux file transfer tools.
also
you can check that sk for the maintenance of the logs and its storage capacity + sanity check with clean-up procedures, hope you find it helpful 
sk33306 (wonder why I cannot find it having an expert mode on UC?)
look at and watch out at the following spaces:
$CPDIR/log
$FWDIR/log
/var/CPbackup
/var/CPsnapshot
also search (once you have got some disk space issues) for so called "core files" by issuing a command
find / -name "core"
you may find lots of useless (at this stage) files which can be safely removed
Good luck!
--jerry--
