Create a Post
cancel
Showing results for 
Search instead for 
Did you mean: 
Pavan9096
Explorer

CheckPoint Gateway HitCount

I can run the API/command on the Check Point Management Server to retrieve the hit counts for security rules, but it provides the aggregate hit counts for all gateways on which security policy applied rather than specific ones.

Is there a command, API, or method available to collect the security rule hit counts directly from a local gateway instead of through the Management Server?

0 Kudos
4 Replies
the_rock
Legend
Legend

0 Kudos
CheckMatesAI

This answer is provided by Infinity AI Copilot and should be confirmed by reviewing official documentation in Support Center.

Currently, there isn't a direct command or API to retrieve security rule hit counts directly from a local gateway. The hit counts are typically aggregated and retrieved through the Check Point Management Server.

However, you can use the cpstat command on the Management Server to get hit counts for a specific Security Gateway and save it to a file. Here's how you can do it:

  1. Connect to the command line on the Management Server.
  2. Log in to the Expert mode.
  3. Use the following command to get the hit count for a specific Security Gateway:
    cpstat -h <IP Address of Security Gateway Object> blades > /var/log/HitCount_for_GW.txt 
    Replace <IP Address of Security Gateway Object> with the actual IP address of your Security Gateway.

This method allows you to export the hit count data for a specific gateway, but it still requires access through the Management Server. If you need further assistance or have any other questions, feel free to ask!

0 Kudos
PhoneBoy
Admin
Admin

To confirm the answer by CheckMatesAI, see: https://support.checkpoint.com/results/sk/sk135212

0 Kudos
the_rock
Legend
Legend

@PhoneBoy 

Not sure if this looks right (just did it in my lab), but seems some info is missing...

Andy

 

[Expert@CP-MANAGEMENT:0]# cpstat -h 172.16.10.249 blades > /var/log/hitcount_for_gw.txt
[Expert@CP-MANAGEMENT:0]# more /var/log/hitcount_for_gw.txt

Packets accepted : 44090826
Packets dropped : 13516
Peak number of connections: 1019
Number of connections: 7


Top Rule Hits
-----------------------
|rule index|rule count|
-----------------------
-----------------------


[Expert@CP-MANAGEMENT:0]#

0 Kudos

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

Upcoming Events

    CheckMates Events