Create a Post
cancel
Showing results for 
Search instead for 
Did you mean: 

CKP-BASH-AUDIT-LOGS - Based on sk99134 / Audit Logs

cezar_varlan1
Collaborator

This tool is to add logging for Bash shell commands in Gaia - well Check point has a detailed SK about it. 

Updated with a script that makes the required changes when ran from the SMS Smart Dashboard Script Repository. 

Added second script that can also set an external syslog server if needed.

Added Readme file with instructions. 

 

Script location: https://github.com/inscez/ckp-audit-bash

Updated Archive also. 

 

;
TO ACCESS CHECKMATES TOOLBOX it's simple and free


2 Replies

PhoneBoy
Admin
Admin

The longer-term goal here is to move away from expert mode, bringing the needed functionality into clish natively or through some sort of extension (e.g. custom commands).
This is also not a requirement for a large number of customers, though the customers that need it are...often large.

;
TO ACCESS CHECKMATES TOOLBOX it's simple and free


0 Kudos

cezar_varlan1
Collaborator

Thought that adding a Script repository meant just the opposite.

 

script repo.PNG

 

Also consider configuring Syslog server on the Gateways according to sk102995

clish -c "add syslog log-remote-address <SYSLOG_IP> level info"

clish -c "set syslog auditlog permanent"
clish -c "save config"
clish -c "show syslog all"

;
TO ACCESS CHECKMATES TOOLBOX it's simple and free


0 Kudos