This website uses cookies. By clicking Accept, you consent to the use of cookies. Click Here to learn more about how we use cookies.
Accept
Reject
ABOUT CHECKMATES & FAQ
Create a Post
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Help

Are you a member of CheckMates?

×
Sign in with your Check Point UserCenter/PartnerMap account to access more great content and get a chance to win some Apple AirPods! If you don't have an account, create one now for free!
SriniKrish
Contributor
‎2021-10-31 10:23 PM

Error: Failed to read field product_family

Hi Guys,

I am evaluating the logs in a 3600 device and came across quite a few errors recurring.

Does the error in the subject ring any bells ?

C3600>  fw log -n -l
Error: Failed to read field product
31Oct2021 0:00:00 5 N/A 1 ctl cn=cp_mgmt,o=gw-9f7238..qtkfhz > daemon LogId: <max_null>; ContextNum: <max_null>; OriginSicName: cn=cp_mgmt,o=gw-9f7238..qtkfhz; log_sys_message: Log file has been switched to: 2021-10-31_000000.log;
Error: Failed to read field product_family

Below are the reference logs:

=========================
31Oct2021 0:00:00 5 N/A 3 accept cn=cp_mgmt,o=gw-9f7238..qtkfhz > eth1 LogId: 0; ContextNum: <max_null>; OriginSicName: cn=cp_mgmt,o=gw-9f7238..qtkfhz; inzone: External; outzone: Local; service_id: nbdatagram; src: 10.0.0.124; dst: 10.0.0.255; proto: udp; UP_match_table: TABLE_START; ROW_START: 0; match_id: 1; layer_uuid: 8a994dd3-993e-4c0c-92a1-a8630b153f4c; layer_name: Network; rule_uid: 60e2929c-4371-402b-bf57-3f2efca62cad; rule_name: Cleanup rule; ROW_END: 0; UP_match_table: TABLE_END; ProductName: VPN-1 & FireWall-1; svc: nbdatagram; sport_svc: nbdatagram;
Error: Failed to read field service


31Oct2021 0:00:00 5 N/A 4 drop cn=cp_mgmt,o=gw-9f7238..qtkfhz < eth1 LogId: 1; ContextNum: <max_null>; OriginSicName: cn=cp_mgmt,o=gw-9f7238..qtkfhz; TCP packet out of state: First packet isn't SYN; tcp_flags: FIN-ACK; src: 10.0.0.198; dst: 184.85.85.130; proto: tcp; ProductName: VPN-1 & FireWall-1;
Error: Failed to read field product_family


31Oct2021 0:00:00 5 N/A 5 accept cn=cp_mgmt,o=gw-9f7238..qtkfhz > eth1 LogId: 0; ContextNum: <max_null>; OriginSicName: cn=cp_mgmt,o=gw-9f7238..qtkfhz; inzone: External; outzone: Local; service_id: nbdatagram; src: 10.0.0.29; dst: 10.0.0.255; proto: udp; UP_match_table: TABLE_START; ROW_START: 0; match_id: 1; layer_uuid: 8a994dd3-993e-4c0c-92a1-a8630b153f4c; layer_name: Network; rule_uid: 60e2929c-4371-402b-bf57-3f2efca62cad; rule_name: Cleanup rule; ROW_END: 0; UP_match_table: TABLE_END; ProductName: VPN-1 & FireWall-1; svc: nbdatagram; sport_svc: nbdatagram;
Error: Failed to read field service

I see the error both in accept as well as drop rules ( cleanup rules) and would like to know why am I seeing this ?

Appreciate any directions here.

 

Best regards

Srini

0 Kudos
7 Replies
PhoneBoy
Admin
Admin
‎2021-11-02 10:46 PM

Sounds like corrupted logs.
Recommend a TAC case.

Tal_Paz-Fridman
Employee
Employee
‎2021-11-04 02:04 AM

Hi

We're aware of the issue. and working on a fix. The fix should be included in one of the upcoming JHFs.

Please check in the documentation for the relevant (upcoming) JHF to see if it is included in the list of resolved issues.

 

Teet
Explorer
‎2021-11-08 06:30 AM
In response to Tal_Paz-Fridman

Hello, I'm having the same issue on R81 t36 mgmt server, when using 'fw log' the log messages have 'Error: Failed to read field product_family' and when grepping it's worse:


Error: Failed to read field product_family
Error: Failed to read field product_family
Error: Failed to read field product_family
Error: Failed to read field product_family
Error: Failed to read field product_family
Error: Failed to read field product_family
Error: Failed to read field product_family
Error: Failed to read field product_family
Error: Failed to read field product_family
Error: Failed to read field product_family
Error: Failed to read field product_family
Error: Failed to read field product_family
Error: Failed to read field product_family
Error: Failed to read field product_family
Error: Failed to read field product_family
Error: Failed to read field product_family
Error: Failed to read field product_family
Error: Failed to read field product_family
Error: Failed to read field product_family
Error: Failed to read field product_family
Error: Failed to read field product_family
Error: Failed to read field product_family
Error: Failed to read field product_family
21:35:15 5 N/A 15 accept > eth1 LogId: 0; ContextNum: <max_null>; OriginSicName: CN=xxxxxx,O=xxxxxx..xxxxxx; inzone: Internal; outzone: Internal; service_id:

<log info redacted>

15353;
Error: Failed to read field product_family

0 Kudos
Douglas_Rich
Contributor
‎2022-03-18 08:21 AM
In response to Teet

Same issue on R81.10 JHF Take 30

0 Kudos
Chris_Atkinson
Employee
Employee
‎2022-03-18 05:23 PM
In response to Douglas_Rich

Similar symptoms (sk176644) appear to be resolved in the latest ongoing takes. 

0 Kudos
Vladimir
Champion
Champion
‎2022-05-12 03:56 PM
In response to Tal_Paz-Fridman

Still an issue in R81.10 Take 45.

0 Kudos
Douglas_Rich
Contributor
‎2022-05-13 09:02 AM
In response to Vladimir

Now I'm seeing this in fwd.elg with R81.10 JHF Take_45: 
CJoinTableLogic::calculateJoinedFormat: error: can't find table: UP_action_table, field id: 201, in tables map
CJoinTableLogic::prepareLog fail to create joined format
write_log_fields_to_lea: error in format retrieval of log

Seems loosely related. 

0 Kudos