Create a Post
cancel
Showing results for 
Search instead for 
Did you mean: 
Robert_Sisk
Participant

Significance of Gateway Core Files

Hi Everyone,

Check Point support told us we can ignore scanengine_b and scanengine_k core files, which seem to happen rather frequently on our R80.10 gateways. Is anyone aware of a list of core file types that should be submitted to CP Support for analysis? Are core files only submitted for analysis when/if there is an issue on the gateway and otherwise ignored?

Thanks,

Bob

0 Kudos
3 Replies
JackPrendergast
Advisor
Advisor

Hi,

 

I presume you are using Threat Emulation?

 

If you are, then this is normal behaviour. Tweaks have been made over the years to reduce the number of dumps and I arent sure why its done - but its normal.

 

Core files should only be submitted when you have an issue generally. If you are having adverse impact, and you notice a core dump, that for the R&D guys is extremely helpful.

 

Hope that helps.

0 Kudos
G_W_Albrecht
Legend Legend
Legend

Both kernel and usermode dumps can be helpfull if any issue had occured at the time they were generated. Frequent dumps without any visible issue may be important, too.

CCSP - CCSE / CCTE / CTPS / CCME / CCSM Elite / SMB Specialist
0 Kudos
Robert_Sisk
Participant

Thanks to everyone for the information. To me it seems like our R80.10 firewalls generate more cores than I have seen when managing UNIX/Linux servers over the years, but they are firewalls with many processes, we are running almost all of the security blades. For the most part, core file generation does not correlate with any problems of which I am aware and when it does we have CP Support review them, however, I am not sure how they impact firewall performance. It is also a bit concerning when sshd and cpd produce cores. Thanks again!

0 Kudos

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

Upcoming Events

    CheckMates Events