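I've used this trick a few times. It generally works fine for small and medium-sized customers, but for customers with large log volumes, such as universities or education networks, where a day's logs can reach 10~30 GB, you usually can't pass this many parameters, otherwise it fails.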
Nice. Thanks.
Here is one from a small lab (R80.10):
[Expert@A-SMS:0]# CPLogInvestigator -a -m -p
Thank you for using log investigator tool.
==============================================================
Start reading log file: /opt/CPsuite-R80/fw1/log/fw.log
Start reading log file: /opt/CPsuite-R80/fw1/log/fw.log from log 0
..
Reading log file is DONE.
Total scanned 17888 logs out of 17888 logs in file
Scanned logs dates are from 17-04-2019 11:22:39 to 17-04-2019 15:00:38
========================================
Product log statistics (Per Day):
Days of counting: 0.151377
Product name: Anti Malware Amount of logs: 508 Average: 3355
Product name: Application Control Amount of logs: 224 Average: 1479
Product name: Compliance Blade Amount of logs: 1 Average: 6
Product name: Content Awareness Amount of logs: 28 Average: 184
Product name: Eventia Analyzer Client Amount of logs: 1 Average: 6
Product name: Identity Awareness Amount of logs: 7 Average: 46
Product name: N/A Amount of logs: 350 Average: 2312
Product name: New Anti Virus Amount of logs: 27 Average: 178
Product name: Security Gateway/Management Amount of logs: 10 Average: 66
Product name: SmartConsole Amount of logs: 7 Average: 46
Product name: URL Filtering Amount of logs: 21 Average: 138
Product name: VPN-1 & FireWall-1 Amount of logs: 16719 Average: 110445
Total logs per day:
Date | GB | Count
2018-02-19 | 0.0006 | 17568
2018-02-20 | 0.0006 | 4750
2018-02-21 | 0.0294 | 338432
2018-03-23 | 0.0036 | 39726
2018-05-30 | 0.0008 | 12594
2018-06-01 | 0.0005 | 8224
2018-07-03 | 0.0009 | 15486
2018-11-14 | 0.0001 | 1588
2019-04-15 | 0.0001 | 1698
2019-04-16 | 0.0025 | 40772
2019-04-17 | 0.0041 | 58396
fw.log | 0.0029 | 35776
==============================================================
Logs per minute table can be found at logPerMinute.txt
==============================================================
[Expert@A-SMS:0]#
Hi Don - Long time!
Do you know if the stats include indexed logs or is this just raw log files?
Hello! 🙂
I believe it is only the active log file (fw.log)
Not sure how the index could be scanned. I understand that it summarized logs so I am not sure if it is possible.
There is a SOLR command line option so maybe that would allow it.
That's beyond my knowledge at this point.
Regards,
Don
Thanks Don!
Hi Dameon,
Is there another log analyzer tool that captures more than just the active log file?
(more than CPLogInvestigator -a -m -p)
Regards,
Don
I think -m might be causing it to only get the active log file.
See: https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=&solut...
Product name: N/A Amount of logs: 350 Average: 2312
What is the meaning of N/A on the logs? Which blade is related to N/A?
I am not sure.
I can't find anything on it.
Maybe it is Control (Type) logs. Search "Control" in the LOGS & MONITOR Logs tab.
Since those are not Security logs they are not listed in the Log Description Fields, but it is in some CLI guides.
https://support.checkpoint.com/results/sk/sk144192
Don,
Just a note: I believe in R80.x and later this is not available, and you would need to run doctor-log located in $RTDIR/scripts
It's included in R81.10 by default.
Expert mode: just type in CPLogInvestigator and press enter.
Doctor log is another option.
Tried running that, but it did not work (it's an MDS setup). doctor-log attempts to run this as well, but could not find it.
My main objective is to determine the daily amount of logs and, more challenging, I export TP data via logexporter, so I would like to determine the daily amount I'm exporting.
The information drive is related to migrating a DMS to Smart-1 Cloud.