This website uses cookies. By clicking OK, you consent to the use of cookies. Click Here to learn more about how we use cookies.
OK
ABOUT CHECKMATES & FAQ
Create a Post
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Help
jnoble
Participant
‎2020-04-08 01:34 PM

How to download an attachment removed by checkpoint?

Hi,

 

One of our users received an email with .mp3 extension from our client and the attachment was removed by checkpoint.

 

Is there a way to retrieve it?

 

Thanks.

Preview file
32 KB
0 Kudos
Reply
4 Replies
PhoneBoy
Admin
Admin
‎2020-04-08 05:51 PM

If I'm not mistaken, these attachments aren't saved anywhere.
There may be hints in the log files referred to here: https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=&solut...
0 Kudos
Reply
Dilian_Chernev
Contributor
‎2020-04-14 02:35 AM

Open the Summary report from logs and download it from there: 

te_report_download.png

 

Password for the archive should be: infected

0 Kudos
Reply
jnoble
Participant
‎2020-04-14 04:42 AM
In response to Dilian_Chernev

Hi Dilian,

 

Can you give me the steps in detail?

Is there a built in summary report?

Thanks.

 

 

0 Kudos
Reply
Dilian_Chernev
Contributor
‎2020-04-15 12:02 AM
In response to jnoble

Yes, for every "malicious" file there should be a Summary and Detailed per OS reports.

First locate the blocked connection in logs:

te_logs.png

Second: open the log record and check the summary report. It is best viewed with Chrome/Firefox.

te_summary.png

Third: will see the Summary report and can download prevented file, as on my first post.

0 Kudos
Reply