Who rated this post

Dear friends @PhoneBoy @the_rock ,

I've been thinking about this specific request, and I believe it could be achieved as follows: The goal is to monitor the output of the log $FWDIR/log/oracle_had.elg, so on the Check Point Gateways, I could create a .sh script with the following content:

###################################################################

#!/bin/bash

while true; do
tail -f /opt/CPsuite-R81.10/fw1/log/oracle_had.elg | nc -l -p 12345
sleep 5
done

###################################################################

and schedule this task in cron. This will make the Gateway create a server listening on port 12345 and sending the content of the specific log.

After that, in some monitoring tool, I can use netcat with the 'nc gateway_ip 12345' command to allow the tool to view the log's output and then create some kind of alert if the log's output contains any unexpected values.

I'm not sure yet which tool could be used or how to configure this alert within it, but this could be a way to go.