This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
ABOUT CHECKMATES CYBER SECURITY COMMUNITY & FAQ
Create a Post
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Are you a member of CheckMates?

×
Sign in with your Check Point UserCenter/PartnerMap account to access more great content and get a chance to win some Apple AirPods! If you don't have an account, create one now for free!
Marc0523
Participant
‎2024-09-30 06:01 AM

Disk uage when debugging

Our VPN to AWS died. The AWS logs state Check Point's side stopped responding to DPD requests.
Our logs don't mention this, so I want to turn on debugging to detect this next time it happens.

I want to run 

vpn debug trunc
ike debug trunc

 

The issue is, this is a rare problem (only happened once so far), and I am worried about filling up the disk with excessive logs if I have debugs running for days or weeks.

I looked through the documentation, but could not find anything stating how the debug commands make sure they don't fill up the local disk.

 

Can anyone advise if logging will fill up the disk, or does it automatically delete old logs?
What about CPU usage, do I need to worry about this as well?

 

Thanks in advance for answers.

0 Kudos
4 Replies
the_rock
Legend
Legend
‎2024-09-30 06:16 AM

This debug is light, you can leave it for days...

Andy

******

vpn debug trunc

vpn debug ikeon

-replicate the issue

vpn debug ikeoff

 

Or, if you wish to leave it, dont run vpn debug ikeoff (only when you want to turn it off)

To totally turn off debugs, rune fw ctl debug -x; fw ctl debug 0

 

0 Kudos
Marc0523
Participant
‎2024-09-30 06:55 AM
In response to the_rock

Issue is we are not sure what caused the issue, so cannot replicate yet.

We might need the debugs running for days or weeks.

 

I will run the debug on another site which is less important for a day or so, see how big the logs get, and extrapolate how long I can run it on our primary site.

I would feel much more comfortable if I knew it would keep logs files to no greater than xGB.

0 Kudos
the_rock
Legend
Legend
‎2024-09-30 06:56 AM
In response to Marc0523

Thats fair. I can tell you from my personal experience, I had many clients run that debug for week or more, file was NEVER larger than 200 MBs.

 

Andy

0 Kudos
Tal_Paz-Fridman
Employee
Employee
‎2024-09-30 06:38 AM

Try running it for ten minutes or an hour to see how much space it takes and calculate what it might take for 24 hours. 

0 Kudos

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

View All ≫
Upcoming Events

    CheckMates Events