This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
ABOUT CHECKMATES CYBER SECURITY COMMUNITY & FAQ
Create a Post
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Are you a member of CheckMates?

×
Sign in with your Check Point UserCenter/PartnerMap account to access more great content and get a chance to win some Apple AirPods! If you don't have an account, create one now for free!
Tomer_Sole
Mentor
Mentor
‎2016-05-26 09:34 AM
Jump to solution

What are the features inside SmartConsole which contain integrated audit logs?


How can seeing audit logs next to the various views in SmartConsole assist with decision-making?

(Please do not confuse this thread with What are the features inside SmartConsole which contain integrated log views?  )

1 Solution

Accepted Solutions
Tomer_Sole
Mentor
Mentor
‎2016-05-26 09:37 AM
Jump to solution

The Audit Logs pane appears in the bottom of:

  • Access Control rulebases - all changes for the selected rule.
  • Gateways and Servers view - all audit logs that were produced for the provisioning tasks performed on the selected device.
  • Revisions view (from "Manage & Settings") - all changes for the selected revision.
    audit-logs-for-revisions.png
  • Install Policy dialog - all changes on the selected Gateway (or all the gateways) since the last policy installation.

install-policy-changes.png

  • Installation History view (from "Access Tools" or "Threat Tools" inside Security Policies) - all changes between 2 policy installations on the selected gateway.

installation-history.png

  • Inside Access Control rulebases, the user can select Actions-->History to see all revisions and audit logs of the current layer. This view also allows partial revert of the changes (see How do you rollback an old policy? )

"Rule Content History":

In Access Control layers, You can also select a rule and see the history of the rule as well as the history of all the objects that are used inside of its cells. This feature is called content history. In R80.10 the name will change to rule objects history.

get-content-history.png

content-history.png

View solution in original post

3 Replies
Tomer_Sole
Mentor
Mentor
‎2016-05-26 09:37 AM
Jump to solution

The Audit Logs pane appears in the bottom of:

  • Access Control rulebases - all changes for the selected rule.
  • Gateways and Servers view - all audit logs that were produced for the provisioning tasks performed on the selected device.
  • Revisions view (from "Manage & Settings") - all changes for the selected revision.
    audit-logs-for-revisions.png
  • Install Policy dialog - all changes on the selected Gateway (or all the gateways) since the last policy installation.

install-policy-changes.png

  • Installation History view (from "Access Tools" or "Threat Tools" inside Security Policies) - all changes between 2 policy installations on the selected gateway.

installation-history.png

  • Inside Access Control rulebases, the user can select Actions-->History to see all revisions and audit logs of the current layer. This view also allows partial revert of the changes (see How do you rollback an old policy? )

"Rule Content History":

In Access Control layers, You can also select a rule and see the history of the rule as well as the history of all the objects that are used inside of its cells. This feature is called content history. In R80.10 the name will change to rule objects history.

get-content-history.png

content-history.png

Martin_Raska
Advisor
Advisor
‎2018-08-13 01:23 AM
In response to Tomer_Sole
Jump to solution

Hi Tomer,

why there is missing rule number in audit logs when user create a new rule? There is only rule comment or name and when admin create the rule without it, how can I find which rule it was? I can only do "where used" with used object.

0 Kudos

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

View All ≫
Upcoming Events

    Sort by:
    CheckMates Events