- CheckMates
- :
- Products
- :
- Quantum
- :
- Security Gateways
- :
- CheckPoint Gateway HitCount
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Mute
- Printer Friendly Page
Are you a member of CheckMates?
×- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
CheckPoint Gateway HitCount
I can run the API/command on the Check Point Management Server to retrieve the hit counts for security rules, but it provides the aggregate hit counts for all gateways on which security policy applied rather than specific ones.
Is there a command, API, or method available to collect the security rule hit counts directly from a local gateway instead of through the Management Server?
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
This answer is provided by Infinity AI Copilot and should be confirmed by reviewing official documentation in Support Center.
Currently, there isn't a direct command or API to retrieve security rule hit counts directly from a local gateway. The hit counts are typically aggregated and retrieved through the Check Point Management Server.
However, you can use the cpstat
command on the Management Server to get hit counts for a specific Security Gateway and save it to a file. Here's how you can do it:
- Connect to the command line on the Management Server.
- Log in to the Expert mode.
- Use the following command to get the hit count for a specific Security Gateway:
Replacecpstat -h <IP Address of Security Gateway Object> blades > /var/log/HitCount_for_GW.txt
<IP Address of Security Gateway Object>
with the actual IP address of your Security Gateway.
This method allows you to export the hit count data for a specific gateway, but it still requires access through the Management Server. If you need further assistance or have any other questions, feel free to ask!
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
To confirm the answer by CheckMatesAI, see: https://support.checkpoint.com/results/sk/sk135212
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Not sure if this looks right (just did it in my lab), but seems some info is missing...
Andy
[Expert@CP-MANAGEMENT:0]# cpstat -h 172.16.10.249 blades > /var/log/hitcount_for_gw.txt
[Expert@CP-MANAGEMENT:0]# more /var/log/hitcount_for_gw.txt
Packets accepted : 44090826
Packets dropped : 13516
Peak number of connections: 1019
Number of connections: 7
Top Rule Hits
-----------------------
|rule index|rule count|
-----------------------
-----------------------
[Expert@CP-MANAGEMENT:0]#
